{"id":299758,"date":"2026-04-27T12:35:08","date_gmt":"2026-04-27T12:35:08","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/workflow-manager-system\/"},"modified":"2026-05-02T08:02:03","modified_gmt":"2026-05-02T08:02:03","slug":"cutmap-editorial-workflow","status":"publish","type":"plugin","link":"https:\/\/ta-lk.wordpress.org\/plugins\/cutmap-editorial-workflow\/","author":23479758,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"1.4.6","stable_tag":"1.4.6","tested":"6.9.4","requires":"5.8","requires_php":"7.4","requires_plugins":null,"header_name":"Cutmap Editorial Workflow","header_author":"Aswini Kumar","header_description":"Content workflow system for assigning creators and approvers.","assets_banners_color":"e9f1f7","last_updated":"2026-05-02 08:02:03","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"","header_author_uri":"","rating":3,"author_block_rating":0,"active_installs":0,"downloads":143,"num_ratings":1,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"1.2.0":{"tag":"1.2.0","author":"aswinikumar","date":"2026-05-02 08:02:03"},"1.4.6":{"tag":"1.4.6","author":"aswinikumar","date":"2026-05-02 08:02:03"}},"upgrade_notice":[],"ratings":{"1":0,"2":0,"3":1,"4":0,"5":0},"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3516460,"resolution":"128x128","location":"assets","locale":""}},"assets_banners":{"banner-772x250.png":{"filename":"banner-772x250.png","revision":3520089,"resolution":"772x250","location":"assets","locale":""}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.2.0","1.4.6"],"block_files":[],"assets_screenshots":[],"screenshots":{"1":"The central assignments dashboard showing all active workflows.","2":"The post editor screen with the Workflow Management metabox.","3":"Audit log showing the history of a specific content piece."},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[14587,4917,8485,110,8197],"plugin_category":[53],"plugin_contributors":[261170],"plugin_business_model":[],"class_list":["post-299758","plugin","type-plugin","status-publish","hentry","plugin_tags-assignments","plugin_tags-content-management","plugin_tags-editorial","plugin_tags-review","plugin_tags-workflow","plugin_category-ratings-and-reviews","plugin_contributors-aswinikumar","plugin_committers-aswinikumar"],"banners":{"banner":"https:\/\/ps.w.org\/cutmap-editorial-workflow\/assets\/banner-772x250.png?rev=3520089","banner_2x":false,"banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/cutmap-editorial-workflow\/assets\/icon-128x128.png?rev=3516460","icon_2x":false,"generated":false},"screenshots":[],"raw_content":"<!--section=description-->\n<p>The Cutmap Editorial Workflow (CEW) is a professional-grade content management solution for WordPress. It is designed to bring structure, accountability, and security to the content creation process by implementing a multi-stage editorial workflow.<\/p>\n\n<p>Whether you are managing a small blog or a large-scale news portal, CEW ensures that every piece of content is reviewed and approved before it reaches your audience.<\/p>\n\n<p>Key Features:<\/p>\n\n<ul>\n<li>Role-Based Access Control (RBAC): Specialized user roles (Creators, Approvers) with restricted admin access.<\/li>\n<li>Multi-Stage Workflow Tracking: Post lifecycle stages including Assigned, In Review, and Approved.<\/li>\n<li>Centralized Assignment Dashboard: Admins can manage all active workflows and assign specific Creators and Approvers to any post, page, or custom post type.<\/li>\n<li>Content Isolation &amp; Focus: Creators and Approvers only see the content they are currently assigned to, reducing clutter and preventing unauthorized edits.<\/li>\n<li>Transparent Revision Management: Safe editing of live content via snapshots that only go live after approval.<\/li>\n<li>Activity &amp; Audit Logging: Detailed logs for tracking all workflow events.<\/li>\n<li>Automated Notifications: Real-time email\/admin alerts on task assignments and status updates.<\/li>\n<\/ul>\n\n<!--section=installation-->\n<ol>\n<li>Upload the <code>cutmap-editorial-workflow<\/code> folder to the <code>\/wp-content\/plugins\/<\/code> directory.<\/li>\n<li>Activate the plugin through the 'Plugins' menu in WordPress.<\/li>\n<li>Use the 'Workflows' menu in the admin dashboard to start assigning content.<\/li>\n<\/ol>\n\n<!--section=faq-->\n<dl>\n<dt id=\"can%20i%20use%20this%20for%20custom%20post%20types%3F\"><h3>Can I use this for Custom Post Types?<\/h3><\/dt>\n<dd><p>Yes, the Cutmap Editorial Workflow supports Posts, Pages, and all registered Custom Post Types.<\/p><\/dd>\n<dt id=\"how%20do%20i%20add%20a%20creator%3F\"><h3>How do I add a Creator?<\/h3><\/dt>\n<dd><p>The plugin automatically creates a 'Creator' role upon activation. You can assign this role to any user from the WordPress 'Users' menu.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>1.4.6<\/h4>\n\n<ul>\n<li>Security: Removed hardcoded sample-user password (<code>Workflow@123<\/code>). Each new sample user now receives a unique password generated via <code>wp_generate_password(16, true)<\/code>, displayed once in the admin notice and never stored in source.<\/li>\n<li>Security: Added <code>rest_pre_insert_{post_type}<\/code> enforcement to block unauthorized publish attempts via the REST API. Admin-role REST tokens can no longer bypass the editorial workflow when a post has an active assignment.<\/li>\n<li>Bug fix: <code>reject()<\/code> no longer overwrites the approved content snapshot with the rejected draft. Visitors continue seeing the last explicitly approved version while the creator revises and re-submits.<\/li>\n<li>Performance: <code>dbDelta()<\/code> schema checks in <code>CUTMAP_DB<\/code> and <code>CUTMAP_WNS<\/code> are now guarded by a version option (<code>cew_db_version<\/code>, <code>cew_wns_version<\/code>). The expensive schema introspection runs only on activation\/upgrade, not on every page load.<\/li>\n<li>Cleanup: <code>uninstall.php<\/code> now deletes all <code>_cew_*<\/code> post meta rows and removes plugin version options, leaving no orphaned data after deletion.<\/li>\n<li>Reliability: The <code>ALTER TABLE \u2026 DROP INDEX<\/code> migration for the audit-log unique key now runs reliably on every upgrade because the schema version option is cleared on activation.<\/li>\n<\/ul>\n\n<h4>1.4.5<\/h4>\n\n<ul>\n<li>Resolved remaining critical security checklist issues including strict nonce validation across all forms\/actions.<\/li>\n<li>Sanitized remaining raw $_POST and $_GET superglobal accesses and strictly avoided empty() checks for them.<\/li>\n<li>Re-audited output escaping inside admin tables and guaranteed all display logic passes through esc_html() and esc_url().<\/li>\n<li>Ensured every single admin_post action starts with a firm current_user_can() capability check followed by wp_die().<\/li>\n<\/ul>\n\n<h4>1.4.4<\/h4>\n\n<ul>\n<li>Hardened admin actions with strict <code>current_user_can()<\/code> capability checks.<\/li>\n<li>Improved security by ensuring complete table cleanup on uninstall.<\/li>\n<li>Verified input sanitization and output escaping across the plugin.<\/li>\n<\/ul>\n\n<h4>1.4.3<\/h4>\n\n<ul>\n<li>Removed UTF-8 Byte Order Marks (BOM) from PHP files to satisfy automated checks.<\/li>\n<\/ul>\n\n<h4>1.4.2<\/h4>\n\n<ul>\n<li>Fixed unescaped translatable label strings in the frontend shortcode output by using <code>esc_html__<\/code>.<\/li>\n<\/ul>\n\n<h4>1.4.1<\/h4>\n\n<ul>\n<li>Fixed <code>the_title<\/code> escaping context from <code>wp_kses_post<\/code> to <code>esc_html<\/code>.<\/li>\n<li>Fixed stale admin hook slug to ensure assets enqueue correctly.<\/li>\n<\/ul>\n\n<h4>1.4.0<\/h4>\n\n<ul>\n<li>Fixed <code>wp_enqueue<\/code> issues by converting raw script\/style tags.<\/li>\n<li>Added rigorous escaping output (<code>wp_kses_post<\/code>) to all filter callbacks.<\/li>\n<li>Cleaned up unclosed <code>ob_start<\/code> buffers to ensure safe hook flows.<\/li>\n<li>Changed short prefixes to longer <code>CUTMAP_<\/code> prefixes.<\/li>\n<\/ul>\n\n<h4>1.3.0<\/h4>\n\n<ul>\n<li>Fixed plugin header metadata parsing issues for strict WordPress.org compatibility.<\/li>\n<\/ul>\n\n<h4>1.2.0<\/h4>\n\n<ul>\n<li>Renamed plugin to Cutmap Editorial Workflow.<\/li>\n<li>Enhanced security: Enqueued all inline scripts and styles using WP core APIs.<\/li>\n<li>Refactored prefixes to comply with WordPress official plugin guidelines.<\/li>\n<li>Improved dashboard UI and workflow assignment screen.<\/li>\n<\/ul>\n\n<h4>1.1.0<\/h4>\n\n<ul>\n<li>Hardened security and addressed plugin review feedback.<\/li>\n<li>Refined capabilities and user role checks.<\/li>\n<li>Removed redundant database tables for improved performance.<\/li>\n<\/ul>\n\n<h4>1.0.0<\/h4>\n\n<ul>\n<li>Initial release.<\/li>\n<li>Added Creator and Approver roles.<\/li>\n<li>Added assignment tracking for posts and pages.<\/li>\n<li>Added email notification system.<\/li>\n<\/ul>","raw_excerpt":"Professional content workflow system. Admin assigns creators and approvers to manage editorial cycles.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ta-lk.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/299758","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ta-lk.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/ta-lk.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/ta-lk.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=299758"}],"author":[{"embeddable":true,"href":"https:\/\/ta-lk.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/aswinikumar"}],"wp:attachment":[{"href":"https:\/\/ta-lk.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=299758"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/ta-lk.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=299758"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/ta-lk.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=299758"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/ta-lk.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=299758"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/ta-lk.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=299758"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/ta-lk.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=299758"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}