* Widgets permissions module was added. If role has access to the “Widgets” menu item of “Appearance” menu, you may block access to the selected widgets for that role. Use a new “Widgets” button at the role editor page.
* Fix for: PHP Notice:
Undefined variable: user_role_editor in user-role-editor-pro.php on line 69 introduced in version 4.14.2. If automatic updates feature was broken for you for that reason, update to this version manually.
* Integration with Gravity Forms permissions system was updated for admin menu blocking module.
* Integer “1” as default capability value for new added empty role was excluded for the better compatibility with WordPress core. Boolean “true” is used instead as WordPress itself does.
* Integration with Gravity Forms permissions system was enhanced for WordPress multisite.
* Roles import module may import role with integer (not boolean) capability value “1”. Error was shown earlier.
* Error message from import roles module shows role and capability which does not pass the validation rule.
* Admin menu access module:
- Bug was fixed which prevented to prohibit direct URL access to the blocked menu items. Recheck roles blocked admin menu items after installing this update as with low probability you may need to redefine them from the scratch. Try to deactivate/activate plugin 1st (Network deactivate/Network Activate for WP multisite). Generally it helps according to the test results;
- role menu permissions processing was updated for the Gravity Forms plugin under WP multisite.
* Integration with Gravity Forms permissions system was enhanced for WP multisite.
* MySQL query optimized in order to reduce memory consumption.
* Extra WordPress nonce field was removed from the post at main role editor page.
* The instance of main plugin class User_Role_Editor is available for other developers via $GLOBALS[‘user_role_editor’]
* Compatibility issue with the theme [“WD TechGoStore”](http://wpdance.com) is resolved. This theme loads its JS and CSS stuff for admin backend unconditionally – for all pages except loading for its own pages only.
While the problem is caused just by CSS, URE unloads for optimization purpose all this theme’s JS and CSS from WP admin backend pages where conflict is possible.
* Fix for the issue with periodic URE license key value disappearance at WordPress multi-site.
* Minor code enhancements.
* Technical update to fix the issue with the automatic updates API link. This link should start from
https://www.role-editor.com instead of
This is related to migration of
role-editor.com to the Google App Engine platform, which does not support SSL for the naked custom domains and
force us to use SSL secured links from www subdomain, e.g.
https://www.role-editor.com in our case. Starting from this version automatic update is in the working state.
In order to fix the issue for earlier installed version 4.12 You may replace manually the
user-role-editor-pro.php file to the file from version 4.12.1 installation package.
* Use new “Admin Menu” button to block selected admin menu items for role. You need to activate this module at the “Additional Modules”. This feature is useful when a lot of submenu items are restricted by the same user capability,
e.g. “Settings” submenu, but you wish allow to user work just with part of it. You may use “Admin Menu” dialog as the reference for your work with roles and capabilities as “Admin Menu” shows
what user capability restrict access to what admin menu item.
* Posts/Pages edit restriction feature does not prohibit to add new post/page now. Now it should be managed via ‘create_posts’ or ‘create_pages’ user capabilities.
* If you use Posts/Pages edit restriction by author IDs, there is no need to add user ID to allow him edit his own posts or page. Current user is added to the allowed authors list automatically.
* New tab “Additional Modules” was added to the User Role Editor options page. As per name all options related to additional modules were moved there.
* Bug was fixed. It had prevented bulk move users without role (–No role for this site–) to the selected role in case such users were shown more than at one WordPress Users page.
* Single-site: It is possible to bulk move users without role (–No role for this site–) to the selected role or automatically created role “No rights” without any capabilities. Get more details at https://role-editor.com/no-role-for-this-site/
* Posts/pages edit restriction controls are shown at user profile in case only if user can edit posts/pages.
* It is possible to restrict editing posts/pages by its authors user ID (targeted user should have edit_others_posts or edit_others_pages capability).
* Multi-site: Superadmin can setup individual lists of themes available for activation to selected sites administrators.
* Gravity Forms access restriction module was tested and compatible with Gravity Forms version 1.8.5
* Plugin uses for dialogs jQuery UI CSS included into WordPress package instead of external one.
* Security enhancement: ‘__()’ and ‘_e()’ WordPress text translation functions were replaced with more secure ‘esc_html__()’ and ‘esc_html_e()’.
* It is possible to restrict access to the post or page content view for selected roles. Activate the option at plugin “Settings” page and use new “Content View Restrictions” metabox at post/page editor to setup content view access restrictions. Read more…
* Gravity Forms access management module was updated for compatibility with Gravity Forms version 1.8.3. If you need compatibility with earlier Gravity Forms versions, e.g. 1.7.9, use User Role Editor version 4.9.