For the last year or so, we’ve been using WordPress Download Manager Pro to deliver files to our users. We have been using User Role Editor to create custom roles that we use to segment what files we make available to which users.
Here’s how it works…
1. A user registers via a WPDM form
2. They are added as a “subscriber’ by default
3. We manually assign them a custom role (military, first responder, etc…)
4. When we add new software via WPDM we set the access based on those roles
5. When a user with the role “military” logins in, they see the files made available to “military.”
It was working great, until recently.
We just noticed that subscribers are seeing files that they should not be able to.