Per this Trac ticket, WP intentionally disallows adding the ‘unfiltered_html’ capability to any non-Super Admin users on the WordPress multisite network. This is due to potential security vulnerabilities that could result from doing to. As that ticket points out:

Any user could add Javascript code to steal the login cookies of any visitor who runs a blog on the same site. The rogue user can then impersonate any of those users and wreak havoc.

If you just want those users to be able to insert things like YouTube video iframes, you could instead use WP’s built-in embed shortcode to embed that content instead.

If that’s not enough, and you need to extend the ‘unfiltered_html’ capability to non-Super Admins, the code below can be used to do that. Just be sure that you trust those users 100% – with great power comes great responsibility.

Just change ‘editor’ on line 13 with whichever user role you need to add the unfiltered_html capability to.

Props to Justin Tadlock for the code he posted on this thread.

Also see this plugin by Automattic that gives both Administrators and Editors the unfiltered_html capability on multisite installs:


  1. Nukium February 2, 2017 at 9:23 am


    I’ve been looking for this for ages, you’re a hero.

  2. Anton Chizhikov February 22, 2017 at 8:55 am


    Where shouljd I add the code , Kellen?

    • Kellen Mace March 24, 2017 at 9:28 am


      You could create a new plugin with that code inside of it, or put that code inside of the theme’s functions.php file. Putting it inside of a plugin would be the preferred way to include it, since that way you would be able to change your theme without that capability being lost (which WOULD happen if you put it in the theme’s functions.php). Either way would work, though.

Leave a reply

Your email address will not be published. Required fields are marked *