{"id":314170,"date":"2026-05-22T21:22:19","date_gmt":"2026-05-22T21:22:19","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/editant\/"},"modified":"2026-05-22T21:21:39","modified_gmt":"2026-05-22T21:21:39","slug":"editant","status":"publish","type":"plugin","link":"https:\/\/wordpress.org\/plugins\/editant\/","author":23493777,"comment_status":"closed","ping_status":"closed","template":"","meta":{"version":"0.9.3","stable_tag":"0.9.3","tested":"6.9.4","requires":"6.6","requires_php":"8.1","requires_plugins":null,"header_name":"Editant","header_author":"Editant","header_description":"Login-free content review, approval, and collaboration for WordPress.","assets_banners_color":"a0c7d9","last_updated":"2026-05-22 21:21:39","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"https:\/\/editantapp.com","header_author_uri":"","rating":0,"author_block_rating":0,"active_installs":0,"downloads":31,"num_ratings":0,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"0.9.3":{"tag":"0.9.3","author":"editant","date":"2026-05-22 21:21:39"}},"upgrade_notice":{"0.9.2":"<p>Security hardening on the public reviewer endpoints and removal of attribution from the preview page. Source code for the bundled assets now ships with the plugin.<\/p>","0.9.1":"<p>Sidebar now works on Pages and custom post types. Admin menu promoted to top-level. Post-deletion cascade added.<\/p>","0.9.0":"<p>First public pre-release of Editant.<\/p>"},"ratings":[],"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3544459,"resolution":"128x128","location":"assets","locale":"","width":128,"height":128},"icon-256x256.png":{"filename":"icon-256x256.png","revision":3544459,"resolution":"256x256","location":"assets","locale":"","width":256,"height":256},"icon.svg":{"filename":"icon.svg","revision":3544459,"resolution":false,"location":"assets","locale":false}},"assets_banners":{"banner-1544x500.jpg":{"filename":"banner-1544x500.jpg","revision":3544459,"resolution":"1544x500","location":"assets","locale":"","width":1544,"height":501},"banner-772x250.jpg":{"filename":"banner-772x250.jpg","revision":3544459,"resolution":"772x250","location":"assets","locale":"","width":772,"height":250}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["0.9.3"],"block_files":[],"assets_screenshots":{"screenshot-1.png":{"filename":"screenshot-1.png","revision":3544459,"resolution":"1","location":"assets","locale":"","width":957,"height":988},"screenshot-2.png":{"filename":"screenshot-2.png","revision":3544459,"resolution":"2","location":"assets","locale":"","width":951,"height":988},"screenshot-3.png":{"filename":"screenshot-3.png","revision":3544459,"resolution":"3","location":"assets","locale":"","width":955,"height":988},"screenshot-4.png":{"filename":"screenshot-4.png","revision":3544459,"resolution":"4","location":"assets","locale":"","width":953,"height":989}},"screenshots":{"1":"The block editor sidebar with active review threads on the current item.","2":"The reviewer-facing preview page showing the rendered content, comment panel, and decision buttons.","3":"The admin dashboard listing every item in review, with reviewer counts and decision summaries.","4":"The detail view showing all links, threads, and decisions for a single item on one screen."}},"plugin_section":[],"plugin_tags":[8196,8533,8485,110,8197],"plugin_category":[53],"plugin_contributors":[264052],"plugin_business_model":[],"class_list":["post-314170","plugin","type-plugin","status-publish","hentry","plugin_tags-approval","plugin_tags-audit","plugin_tags-editorial","plugin_tags-review","plugin_tags-workflow","plugin_category-ratings-and-reviews","plugin_contributors-editant","plugin_committers-editant"],"banners":{"banner":"https:\/\/ps.w.org\/editant\/assets\/banner-772x250.jpg?rev=3544459","banner_2x":"https:\/\/ps.w.org\/editant\/assets\/banner-1544x500.jpg?rev=3544459","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":"https:\/\/ps.w.org\/editant\/assets\/icon.svg?rev=3544459","icon":"https:\/\/ps.w.org\/editant\/assets\/icon.svg?rev=3544459","icon_2x":false,"generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/editant\/assets\/screenshot-1.png?rev=3544459","caption":"The block editor sidebar with active review threads on the current item."},{"src":"https:\/\/ps.w.org\/editant\/assets\/screenshot-2.png?rev=3544459","caption":"The reviewer-facing preview page showing the rendered content, comment panel, and decision buttons."},{"src":"https:\/\/ps.w.org\/editant\/assets\/screenshot-3.png?rev=3544459","caption":"The admin dashboard listing every item in review, with reviewer counts and decision summaries."},{"src":"https:\/\/ps.w.org\/editant\/assets\/screenshot-4.png?rev=3544459","caption":"The detail view showing all links, threads, and decisions for a single item on one screen."}],"raw_content":"<!--section=description-->\n<p>Editant is a content review and approval plugin for WordPress. Generate a secure preview link for any post, page, or custom post type and share it with reviewers - clients, stakeholders, internal teams, regulators - who can read the rendered content, leave threaded feedback, and approve or request changes. No WordPress login required for reviewers.<\/p>\n\n<p>Everything runs on your own WordPress instance. There is no SaaS backend, no per-seat fee, and no reviewer data leaves your server.<\/p>\n\n<h4>What's included<\/h4>\n\n<ul>\n<li>Tokenised preview links for any public post type, with configurable expiry and one-click revocation.<\/li>\n<li>Login-free reviewer access via secure 256-bit tokens, stored hashed.<\/li>\n<li>Threaded comments - reviewers and authors can reply within threads.<\/li>\n<li>Optional reviewer identity capture: anonymous, name only, or name plus email.<\/li>\n<li>Block editor sidebar showing live comment threads alongside the content you're editing, with auto-refresh and manual refresh.<\/li>\n<li>Admin dashboard listing every active link with reviewer counts, decisions, and last activity.<\/li>\n<li>Approve and Request Changes decisions, recorded with full history.<\/li>\n<li>Email notifications for new comments, replies, and decisions.<\/li>\n<li>Custom post type support out of the box.<\/li>\n<li>Full RTL language support across reviewer page, sidebar, and dashboard.<\/li>\n<li>Translation-ready, with a <code>.pot<\/code> file shipped.<\/li>\n<li>GDPR data exporter and eraser hooked into WordPress core privacy tools.<\/li>\n<\/ul>\n\n<h4>Coming next (Pro)<\/h4>\n\n<p>Editant Pro will add inline (text-anchored) commenting, tracked-changes-style suggestions, multi-reviewer quorum approvals, signed audit trails, deadlines and reminders, per-link access control (passwords, IP allow-lists, view-once links), white-labelling and branding for the reviewer page, and AI-assisted review features using your own provider keys.<\/p>\n\n<h4>Privacy<\/h4>\n\n<p>Editant stores reviewer comments and decisions in your own database. IP addresses and user agents are hashed with a per-site salt before storage. No data is sent to any external service from the free plugin. AI features (Pro) require you to bring your own provider key (OpenAI, Anthropic, Azure OpenAI, or local models via Ollama) - Editant never proxies AI calls.<\/p>\n\n<h3>Development<\/h3>\n\n<p>Editant is open source under the GPL. The full source for the admin and reviewer interfaces (React\/JSX and SCSS) ships in this plugin under <code>assets\/src\/<\/code>. Running the build below produces the files in <code>assets\/build\/<\/code> that ship with the plugin.<\/p>\n\n<p>To rebuild from source:<\/p>\n\n<ol>\n<li>Install Node.js 22 or later and PHP 8.1 or later.<\/li>\n<li>From the plugin directory, run <code>composer install<\/code> and <code>npm install<\/code>.<\/li>\n<li>Run <code>npm run build<\/code>.<\/li>\n<\/ol>\n\n<p>Configuration files included in the plugin: <code>webpack.config.js<\/code>, <code>package.json<\/code>, <code>composer.json<\/code>. Third-party dependencies are declared in <code>package.json<\/code> (JavaScript) and <code>composer.json<\/code> (PHP). The build pipeline uses <code>@wordpress\/scripts<\/code>.<\/p>\n\n<!--section=installation-->\n<ol>\n<li>Upload the plugin to your <code>\/wp-content\/plugins\/<\/code> directory, or install via Plugins -&gt; Add New.<\/li>\n<li>Activate Editant through the Plugins menu.<\/li>\n<li>Open any post, page, or supported custom post type in the block editor, click the Editant icon in the sidebar, and generate a review link.<\/li>\n<li>Copy the link and send it to your reviewer.<\/li>\n<\/ol>\n\n<p>Requirements:<\/p>\n\n<ul>\n<li>WordPress 6.6 or later<\/li>\n<li>PHP 8.1 or later<\/li>\n<li>MySQL 5.7+ or MariaDB 10.4+<\/li>\n<li>Pretty permalinks enabled (Settings -&gt; Permalinks set to anything other than \"Plain\")<\/li>\n<li>The WordPress block editor (Gutenberg). The Classic Editor plugin is not supported.<\/li>\n<\/ul>\n\n<!--section=faq-->\n<dl>\n<dt id=\"do%20reviewers%20need%20a%20wordpress%20account%3F\"><h3>Do reviewers need a WordPress account?<\/h3><\/dt>\n<dd><p>No. Reviewers click the link you send them and access the preview directly. You can optionally require them to enter a name, or a name plus email, before they can comment.<\/p><\/dd>\n<dt id=\"what%20content%20can%20i%20send%20for%20review%3F\"><h3>What content can I send for review?<\/h3><\/dt>\n<dd><p>Posts, pages, and any public custom post type. Each is handled the same way - generate a link, share it, collect feedback and decisions.<\/p><\/dd>\n<dt id=\"can%20i%20revoke%20a%20link%20after%20sharing%20it%3F\"><h3>Can I revoke a link after sharing it?<\/h3><\/dt>\n<dd><p>Yes. From the dashboard, open the link and click Revoke. The token is invalidated immediately and any subsequent access returns a 404.<\/p><\/dd>\n<dt id=\"what%20happens%20when%20a%20link%20expires%3F\"><h3>What happens when a link expires?<\/h3><\/dt>\n<dd><p>The link returns a 404. You can regenerate it (which produces a fresh token and soft-revokes the old one) or extend the expiry from the dashboard.<\/p><\/dd>\n<dt id=\"my%20reviewer%20link%20returns%20%22page%20not%20found%22.%20what%27s%20wrong%3F\"><h3>My reviewer link returns \"Page not found\". What's wrong?<\/h3><\/dt>\n<dd><p>This is almost always a WordPress rewrite-rules cache that has not picked up Editant's review URLs yet. Go to Settings -&gt; Permalinks, do not change anything, and click Save Changes. That regenerates the rewrite rules and the review URLs become routable.<\/p>\n\n<p>This can happen the first time you activate Editant, or after changing your permalink structure. Editant tries to refresh rewrite rules automatically on activation, but on some hosts the refresh does not always stick. The same fix applies if the symptom returns later.<\/p>\n\n<p>Also confirm that Settings -&gt; Permalinks is not set to \"Plain\". Editant requires pretty permalinks; any of the other settings (Post name, Day and name, etc.) is fine.<\/p><\/dd>\n<dt id=\"does%20this%20work%20with%20custom%20post%20types%3F\"><h3>Does this work with custom post types?<\/h3><\/dt>\n<dd><p>Yes. Editant supports any public custom post type registered with <code>show_in_rest<\/code> and <code>public<\/code> set to true.<\/p><\/dd>\n<dt id=\"is%20reviewer%20data%20sent%20anywhere%20outside%20my%20site%3F\"><h3>Is reviewer data sent anywhere outside my site?<\/h3><\/dt>\n<dd><p>No. Comments, decisions, and reviewer details are stored in your WordPress database. IP addresses and user agents are hashed before storage with a per-site salt.<\/p><\/dd>\n<dt id=\"can%20i%20customise%20the%20preview%20page%20styling%3F\"><h3>Can I customise the preview page styling?<\/h3><\/dt>\n<dd><p>The reviewer preview page ships with neutral, self-contained styles. Custom branding, brand colours, logos, and UI-based styling controls for the reviewer page are planned as part of Editant Pro.<\/p>\n\n<p>For developers, the preview renderer also exposes filter hooks (<code>editant_template_path<\/code> for full template overrides, and <code>editant_preview_html_head<\/code> \/ <code>editant_preview_html_footer<\/code> for injecting custom markup into the page head and footer) that allow theme-side customisation. See the plugin source for usage.<\/p><\/dd>\n<dt id=\"does%20editant%20work%20with%20the%20classic%20editor%3F\"><h3>Does Editant work with the Classic Editor?<\/h3><\/dt>\n<dd><p>No. Editant is a block editor plugin. The sidebar where you create and manage review links registers against the WordPress block editor (Gutenberg). If you use the Classic Editor plugin, or have classic mode enabled on a per-post basis, the Editant sidebar will not appear on those posts.<\/p><\/dd>\n<dt id=\"how%20do%20i%20uninstall%20completely%3F\"><h3>How do I uninstall completely?<\/h3><\/dt>\n<dd><p>Deactivate and delete the plugin from the Plugins page. Editant's <code>uninstall.php<\/code> removes the four custom database tables (<code>editant_links<\/code>, <code>editant_reviewers<\/code>, <code>editant_comments<\/code>, <code>editant_approvals<\/code>), the per-site hash salt, the plugin settings, and the registered capabilities.<\/p><\/dd>\n<dt id=\"is%20this%20multisite-compatible%3F\"><h3>Is this multisite-compatible?<\/h3><\/dt>\n<dd><p>Yes. Each subsite gets its own set of tables and links. Network activation is supported.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>0.9.2<\/h4>\n\n<ul>\n<li>Security: explicit boundary sanitisation added across the reviewer-facing public endpoints (identity capture, comments, decisions).<\/li>\n<li>Removed the \"Powered by Editant\" attribution from the reviewer preview page.<\/li>\n<li>Source code for the bundled JavaScript and CSS now ships with the plugin under <code>assets\/src\/<\/code>, alongside the build configuration (<code>composer.json<\/code>, <code>package.json<\/code>, <code>webpack.config.js<\/code>).<\/li>\n<li>Documentation: added a Development section to the readme covering source layout and rebuild steps. Clarified the preview-page customisation filter hooks available to theme developers.<\/li>\n<\/ul>\n\n<h4>0.9.1<\/h4>\n\n<ul>\n<li>Editor sidebar now appears on Pages and any public custom post type, not just Posts (migrated from <code>@wordpress\/edit-post<\/code> to <code>@wordpress\/editor<\/code>).<\/li>\n<li>Admin menu promoted from a submenu under Posts to a top-level menu item.<\/li>\n<li>Menu icon is now theme-aware: the SVG silhouette recolours per WordPress admin colour scheme.<\/li>\n<li>Permanently deleting a post now also removes its associated Editant links, reviewers, comments, and decisions.<\/li>\n<li>User-facing labels in the admin dashboard made post-type-neutral (\"item\", \"title\", \"content\" rather than \"post\").<\/li>\n<li>Documentation: clarified that Editant requires the block editor and that the Classic Editor plugin is not supported.<\/li>\n<li>Documentation: added FAQ entry covering the rewrite-rules refresh required when reviewer links return 404 immediately after install.<\/li>\n<li>Internal: repository interface layer introduced across the four data-path repositories; multisite-aware activator dispatcher.<\/li>\n<\/ul>\n\n<h4>0.9.0<\/h4>\n\n<p>Initial pre-release.<\/p>\n\n<p><strong>Reviewer experience<\/strong><\/p>\n\n<ul>\n<li>Tokenised preview links with configurable expiry, revocation, and regeneration.<\/li>\n<li>Login-free access; optional name or name + email identity capture.<\/li>\n<li>Threaded comments and approve \/ request changes decisions.<\/li>\n<\/ul>\n\n<p><strong>Authoring experience<\/strong><\/p>\n\n<ul>\n<li>Block editor sidebar with live thread updates (auto-refresh and manual refresh).<\/li>\n<li>Reply to reviewer comments from inside the editor.<\/li>\n<\/ul>\n\n<p><strong>Admin dashboard<\/strong><\/p>\n\n<ul>\n<li>Admin list view with link counts, reviewer activity, and decision summaries.<\/li>\n<li>Per-item detail view showing all links, threads, and decisions on one screen.<\/li>\n<\/ul>\n\n<p><strong>Notifications<\/strong><\/p>\n\n<ul>\n<li>Email notifications via <code>wp_mail<\/code> for new comments, replies, and decisions.<\/li>\n<\/ul>\n\n<p><strong>Internationalisation and accessibility<\/strong><\/p>\n\n<ul>\n<li>Full RTL support across reviewer page, sidebar, and dashboard.<\/li>\n<li>All user-facing strings translatable; <code>.pot<\/code> file shipped.<\/li>\n<\/ul>\n\n<p><strong>Privacy and security<\/strong><\/p>\n\n<ul>\n<li>Tokens generated with <code>random_bytes(32)<\/code>; stored as SHA-256 hashes only.<\/li>\n<li>Per-site hash salt for IP, email, and user agent fingerprints.<\/li>\n<li>Rate limiting on all public endpoints.<\/li>\n<li>GDPR personal data exporter and eraser registered with WordPress core privacy tools.<\/li>\n<li><code>X-Robots-Tag: noindex, nofollow, noarchive<\/code> and <code>Cache-Control: no-store<\/code> on every preview response.<\/li>\n<\/ul>\n\n<p><strong>Quality<\/strong><\/p>\n\n<ul>\n<li>PHPUnit suite covering domain values, services, repositories, and privacy classes.<\/li>\n<li>Playwright end-to-end test for the reviewer happy path.<\/li>\n<\/ul>","raw_excerpt":"Share unpublished WordPress content with reviewers via secure links. Threaded comments, approval decisions, full audit, no logins required.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/314170","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=314170"}],"author":[{"embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/editant"}],"wp:attachment":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=314170"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=314170"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=314170"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=314170"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=314170"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=314170"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}