Per this Trac ticket, WP intentionally disallows adding the ‘unfiltered_html’ capability to any non-Super Admin users on the WordPress multisite network. This is due to potential security vulnerabilities that could result from doing to. As that ticket points out: Any user could add Javascript code to steal the login cookies of any visitor who runs a blog […]

Read more

The function below can be used to get all  of a user’s capabilities: View the code on Gist. If you pass a user ID to it, you will get that user’s capabilities. If you don’t pass anything to it, you’ll get the current user’s capabilities instead. It will return an array of capabilities like the […]

Read more