{"id":299758,"date":"2026-04-27T12:35:08","date_gmt":"2026-04-27T12:35:08","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/workflow-manager-system\/"},"modified":"2026-05-09T04:18:14","modified_gmt":"2026-05-09T04:18:14","slug":"cutmap-editorial-workflow","status":"publish","type":"plugin","link":"https:\/\/test.wordpress.org\/plugins\/cutmap-editorial-workflow\/","author":23479758,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"1.4.7","stable_tag":"1.4.7","tested":"6.9.4","requires":"5.8","requires_php":"7.4","requires_plugins":null,"header_name":"Cutmap Editorial Workflow","header_author":"Aswini Kumar","header_description":"Content workflow system for assigning creators and approvers.","assets_banners_color":"e9f1f7","last_updated":"2026-05-09 04:18:14","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"","header_author_uri":"","rating":4.7,"author_block_rating":0,"active_installs":0,"downloads":234,"num_ratings":6,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"1.2.0":{"tag":"1.2.0","author":"aswinikumar","date":"2026-05-02 08:02:03"},"1.4.6":{"tag":"1.4.6","author":"aswinikumar","date":"2026-05-02 08:02:03"},"1.4.7":{"tag":"1.4.7","author":"aswinikumar","date":"2026-05-09 04:18:14"}},"upgrade_notice":[],"ratings":{"1":0,"2":0,"3":1,"4":0,"5":5},"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3516460,"resolution":"128x128","location":"assets","locale":"","width":1024,"height":1024}},"assets_banners":{"banner-772x250.png":{"filename":"banner-772x250.png","revision":3520089,"resolution":"772x250","location":"assets","locale":"","width":1460,"height":470}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.2.0","1.4.6","1.4.7"],"block_files":[],"assets_screenshots":[],"screenshots":{"1":"The central assignments dashboard showing all active workflows.","2":"The post editor screen with the Workflow Management metabox.","3":"Audit log showing the history of a specific content piece."},"jetpack_post_was_ever_published":false},"plugin_section":[262246],"plugin_tags":[14587,4917,8485,110,8197],"plugin_category":[53],"plugin_contributors":[261170],"plugin_business_model":[],"class_list":["post-299758","plugin","type-plugin","status-publish","hentry","plugin_section-dashboard-widgets","plugin_tags-assignments","plugin_tags-content-management","plugin_tags-editorial","plugin_tags-review","plugin_tags-workflow","plugin_category-ratings-and-reviews","plugin_contributors-aswinikumar","plugin_committers-aswinikumar"],"banners":{"banner":"https:\/\/ps.w.org\/cutmap-editorial-workflow\/assets\/banner-772x250.png?rev=3520089","banner_2x":false,"banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/cutmap-editorial-workflow\/assets\/icon-128x128.png?rev=3516460","icon_2x":false,"generated":false},"screenshots":[],"raw_content":"<!--section=description-->\n<p>Cutmap Editorial Workflow is a robust, professional-grade content management solution designed for publishers, news portals, and content-heavy websites. It brings structure, accountability, and security to your editorial team by implementing a controlled content creation and review workflow.<\/p>\n\n<p>Say goodbye to accidental publishes and unreviewed edits. With Cutmap Editorial Workflow, every piece of content goes through a defined chain of command before reaching your audience.<\/p>\n\n<h3>Key Features<\/h3>\n\n<ul>\n<li><strong>Role-Based Access Control<\/strong>: Empowers your team with specialized 'Creator' and 'Approver' roles, restricting access to only what they need.<\/li>\n<li><strong>Content Isolation<\/strong>: Creators and Approvers only see the tasks assigned to them, reducing clutter and preventing unauthorized edits on other content.<\/li>\n<li><strong>Safe Live Editing<\/strong>: Edit published content safely in the background. The public continues to see the approved version while your team works on revisions.<\/li>\n<li><strong>Centralized Assignment Dashboard<\/strong>: A dedicated space for administrators to monitor all active workflows and assign tasks effortlessly.<\/li>\n<li><strong>Automated Notifications<\/strong>: Keep the workflow moving with real-time email and admin alerts for assignments and status changes.<\/li>\n<li><strong>Audit Trail<\/strong>: Maintain a transparent history of who created, edited, and approved each piece of content.<\/li>\n<\/ul>\n\n<!--section=installation-->\n<ol>\n<li>Upload the <code>cutmap-editorial-workflow<\/code> folder to the <code>\/wp-content\/plugins\/<\/code> directory.<\/li>\n<li>Activate the plugin through the 'Plugins' menu in WordPress.<\/li>\n<li>Use the 'Workflows' menu in the admin dashboard to start assigning content.<\/li>\n<\/ol>\n\n<!--section=faq-->\n<dl>\n<dt id=\"can%20i%20use%20this%20for%20custom%20post%20types%3F\"><h3>Can I use this for Custom Post Types?<\/h3><\/dt>\n<dd><p>Yes, the Cutmap Editorial Workflow supports Posts, Pages, and all registered Custom Post Types.<\/p><\/dd>\n<dt id=\"how%20do%20i%20add%20a%20creator%3F\"><h3>How do I add a Creator?<\/h3><\/dt>\n<dd><p>The plugin automatically creates a 'Creator' role upon activation. You can assign this role to any user from the WordPress 'Users' menu.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>1.4.7<\/h4>\n\n<ul>\n<li>Security: Hardened database queries by replacing serialized lookups with direct relational structures for improved performance and safety.<\/li>\n<li>Security: Eliminated inline JavaScript by moving workflow actions to a dedicated static file.<\/li>\n<li>Security: Added explicit early exits after redirects to ensure execution flow integrity.<\/li>\n<li>Code Quality: Standardized line endings to LF and added .gitattributes for repository consistency.<\/li>\n<li>Cosmetic: Cleaned up package docblocks across the codebase.<\/li>\n<\/ul>\n\n<h4>1.4.6<\/h4>\n\n<ul>\n<li>Security: Removed hardcoded sample-user password (<code>Workflow@123<\/code>). Each new sample user now receives a unique password generated via <code>wp_generate_password(16, true)<\/code>, displayed once in the admin notice and never stored in source.<\/li>\n<li>Security: Added <code>rest_pre_insert_{post_type}<\/code> enforcement to block unauthorized publish attempts via the REST API. Admin-role REST tokens can no longer bypass the editorial workflow when a post has an active assignment.<\/li>\n<li>Bug fix: <code>reject()<\/code> no longer overwrites the approved content snapshot with the rejected draft. Visitors continue seeing the last explicitly approved version while the creator revises and re-submits.<\/li>\n<li>Performance: <code>dbDelta()<\/code> schema checks in <code>CUTMAP_DB<\/code> and <code>CUTMAP_WNS<\/code> are now guarded by a version option (<code>cew_db_version<\/code>, <code>cew_wns_version<\/code>). The expensive schema introspection runs only on activation\/upgrade, not on every page load.<\/li>\n<li>Cleanup: <code>uninstall.php<\/code> now deletes all <code>_cew_*<\/code> post meta rows and removes plugin version options, leaving no orphaned data after deletion.<\/li>\n<li>Reliability: The <code>ALTER TABLE \u2026 DROP INDEX<\/code> migration for the audit-log unique key now runs reliably on every upgrade because the schema version option is cleared on activation.<\/li>\n<\/ul>\n\n<h4>1.4.5<\/h4>\n\n<ul>\n<li>Resolved remaining critical security checklist issues including strict nonce validation across all forms\/actions.<\/li>\n<li>Sanitized remaining raw $_POST and $_GET superglobal accesses and strictly avoided empty() checks for them.<\/li>\n<li>Re-audited output escaping inside admin tables and guaranteed all display logic passes through esc_html() and esc_url().<\/li>\n<li>Ensured every single admin_post action starts with a firm current_user_can() capability check followed by wp_die().<\/li>\n<\/ul>\n\n<h4>1.4.4<\/h4>\n\n<ul>\n<li>Hardened admin actions with strict <code>current_user_can()<\/code> capability checks.<\/li>\n<li>Improved security by ensuring complete table cleanup on uninstall.<\/li>\n<li>Verified input sanitization and output escaping across the plugin.<\/li>\n<\/ul>\n\n<h4>1.4.3<\/h4>\n\n<ul>\n<li>Removed UTF-8 Byte Order Marks (BOM) from PHP files to satisfy automated checks.<\/li>\n<\/ul>\n\n<h4>1.4.2<\/h4>\n\n<ul>\n<li>Fixed unescaped translatable label strings in the frontend shortcode output by using <code>esc_html__<\/code>.<\/li>\n<\/ul>\n\n<h4>1.4.1<\/h4>\n\n<ul>\n<li>Fixed <code>the_title<\/code> escaping context from <code>wp_kses_post<\/code> to <code>esc_html<\/code>.<\/li>\n<li>Fixed stale admin hook slug to ensure assets enqueue correctly.<\/li>\n<\/ul>\n\n<h4>1.4.0<\/h4>\n\n<ul>\n<li>Fixed <code>wp_enqueue<\/code> issues by converting raw script\/style tags.<\/li>\n<li>Added rigorous escaping output (<code>wp_kses_post<\/code>) to all filter callbacks.<\/li>\n<li>Cleaned up unclosed <code>ob_start<\/code> buffers to ensure safe hook flows.<\/li>\n<li>Changed short prefixes to longer <code>CUTMAP_<\/code> prefixes.<\/li>\n<\/ul>\n\n<h4>1.3.0<\/h4>\n\n<ul>\n<li>Fixed plugin header metadata parsing issues for strict WordPress.org compatibility.<\/li>\n<\/ul>\n\n<h4>1.2.0<\/h4>\n\n<ul>\n<li>Renamed plugin to Cutmap Editorial Workflow.<\/li>\n<li>Enhanced security: Enqueued all inline scripts and styles using WP core APIs.<\/li>\n<li>Refactored prefixes to comply with WordPress official plugin guidelines.<\/li>\n<li>Improved dashboard UI and workflow assignment screen.<\/li>\n<\/ul>\n\n<h4>1.1.0<\/h4>\n\n<ul>\n<li>Hardened security and addressed plugin review feedback.<\/li>\n<li>Refined capabilities and user role checks.<\/li>\n<li>Removed redundant database tables for improved performance.<\/li>\n<\/ul>\n\n<h4>1.0.0<\/h4>\n\n<ul>\n<li>Initial release.<\/li>\n<li>Added Creator and Approver roles.<\/li>\n<li>Added assignment tracking for posts and pages.<\/li>\n<li>Added email notification system.<\/li>\n<\/ul>","raw_excerpt":"Professional content workflow system for managing creators, approvers, and editorial cycles.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/test.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/299758","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/test.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/test.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/test.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=299758"}],"author":[{"embeddable":true,"href":"https:\/\/test.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/aswinikumar"}],"wp:attachment":[{"href":"https:\/\/test.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=299758"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/test.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=299758"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/test.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=299758"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/test.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=299758"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/test.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=299758"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/test.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=299758"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}