Role & Capability Snapshot for WordPress is a read-only auditing plugin for WordPress roles and capabilities.

It helps agencies, maintainers, and site administrators document who can do what on a WordPress site before launch, after delivery, or during ongoing maintenance.

This is not a role editor.
It does not create roles.
It does not edit roles.
It does not change capabilities.
It does not automatically fix permissions.

Instead, it safely reads the current WordPress role and capability configuration, lets you export CSV files, create snapshots, and compare permission changes over time.

Why this plugin exists

WordPress roles and capabilities can become hard to review after installing multiple plugins, themes, or custom code. A site may gain new roles, new capabilities, or additional users with administrator-level access.

Role & Capability Snapshot for WordPress gives you a simple way to record the current state of a site without changing it.

Core features

- Role overview with role key, display name, capability count, user count, and review notices
- Capability overview showing which roles include each capability
- Admin-like user list, including users who may effectively have manage_options access
- Role-based CSV export
- Permission snapshots
- Snapshot comparison
- Added and removed role comparison
- Added and removed capability comparison by role
- Review notices for potentially sensitive capabilities
- Read-only design that does not modify WordPress roles or capabilities
- No external service required
- No tracking
- No telemetry
- No external monitoring

Read-only by design

This plugin is built for auditing and documentation, not editing.

It does not use role or capability mutation features to modify your WordPress access setup. It stores only its own snapshot data inside your WordPress database.

Useful for

- WordPress agencies
- Site maintenance teams
- Website handover documentation
- Sites with multiple administrators
- Pre-launch access reviews
- Post-delivery permission records
- Support teams that need a clear permission snapshot before making changes

What it deliberately does not do

- It does not edit roles
- It does not add or remove capabilities
- It does not create users
- It does not change user roles
- It does not automatically fix permissions
- It does not provide a security diagnosis
- It does not monitor your site externally
- It does not send data to external services

Sensitive capability notices

The plugin can show review notices for capabilities that may deserve extra attention, such as plugin installation, theme editing, user management, or network administration capabilities.

These notices are informational only. They are not a vulnerability scan and should not be treated as a definitive security diagnosis.

CSV export

You can export role capability data to CSV for documentation, client delivery, internal reviews, or change records.

Snapshots and comparison

Create a snapshot before and after major work, plugin installations, maintenance tasks, or site handover. Then compare snapshots to see what changed.

Privacy

The plugin runs inside your WordPress admin area and does not send data to external services.

Author

Created by SG Group.

Support

For support, please contact:
https://sggroup.jp/contact/

Codester profile:
https://www.codester.com/SGGro...

- Read-only WordPress role and capability auditing
- Role list with capability count and user count
- Capability list showing which roles include each capability
- Admin-like user list
- Role-based CSV export
- Snapshot creation for current role/capability state
- Snapshot comparison
- Added and removed roles comparison
- Added and removed capabilities by role
- Potentially sensitive capability review notices
- Tools > Role Snapshot admin screen
- WordPress admin UI only
- No frontend output
- No external service required
- No tracking or telemetry
- Does not edit roles or capabilities

- WordPress 7.0 tested
- PHP 7.4 or higher
- MySQL or MariaDB supported by WordPress
- Administrator account with manage_options capability
- Modern web browser for WordPress admin access
- No WooCommerce required
- No external API required
- No external account required

Installation

1. Download the package from Codester.
2. Extract the main download ZIP on your computer.
3. Find the WordPress plugin ZIP inside the package.
4. In your WordPress admin dashboard, go to Plugins > Add New > Upload Plugin.
5. Upload the plugin ZIP.
6. Activate the plugin.
7. Go to Tools > Role Snapshot.

Basic usage

1. Open Tools > Role Snapshot.
2. Review the Overview tab for a quick role and capability summary.
3. Open the Roles tab to review roles, capability counts, and user counts.
4. Open the Capabilities tab to review which roles include each capability.
5. Open the Admin Users tab to review users with administrator-like access.
6. Use CSV export to document a role’s capabilities.
7. Create a snapshot before or after site delivery, maintenance, or plugin changes.
8. Use the Compare tab to compare two snapshots.

Important note

This plugin is read-only. It does not edit roles, users, or capabilities. It is designed for auditing, documentation, and comparison.