Title: PlugSeal
Author: Marc Armengou
Published: <strong>29 de mayo de 2026</strong>
Last modified: 29 de mayo de 2026

---

Buscar plugins

![](https://ps.w.org/plugseal/assets/icon-256x256.jpg?rev=3554199)

# PlugSeal

 Por [Marc Armengou](https://profiles.wordpress.org/marc4/)

[Descargar](https://downloads.wordpress.org/plugin/plugseal.0.1.0.zip)

 * [Detalles](https://es-co.wordpress.org/plugins/plugseal/#description)
 * [Valoraciones](https://es-co.wordpress.org/plugins/plugseal/#reviews)
 *  [Instalación](https://es-co.wordpress.org/plugins/plugseal/#installation)
 * [Desarrollo](https://es-co.wordpress.org/plugins/plugseal/#developers)

 [Soporte](https://wordpress.org/support/plugin/plugseal/)

## Descripción

PlugSeal gives administrators granular control over what each active plugin is allowed
to do, inspired by Android app permissions and Flatseal for Flatpak. Each active
plugin is listed in the settings page. For each plugin, administrators can allow
or deny individual permissions with immediate effect. All permissions are allowed
by default, so no existing functionality is broken until an administrator explicitly
restricts it.

**Permissions covered:**

 * `db:read` / `db:write` — database queries via $wpdb
 * `db:read:users` / `db:write:users` — read and write access to user data (also
   covers wp_delete_user and wp_update_user)
 * `http:outbound` — outbound HTTP requests via the WordPress HTTP API
 * `options:read` / `options:write` — WordPress options via get_option / update_option(
   see limitations)
 * `email:send` — sending email via wp_mail()
 * `cron:write` — scheduling events via wp_schedule_event()
 * `transients:write` — writing transients via set_transient()
 * `users:create` — creating users via wp_create_user() (updates and deletes are
   covered by db:write:users)
 * `rest:register` — registering REST API endpoints via register_rest_route()
 * `shortcode:register` — registering shortcodes via add_shortcode()
 * `rewrite:register` — registering rewrite rules via add_rewrite_rule()
 * `admin:menu` — adding entries to the admin menu and submenus
 * `dashboard:widget` — adding dashboard widgets via wp_add_dashboard_widget()
 * `hooks:frontend` — hooking into frontend hooks (wp_head, wp_footer, the_content,
   wp_enqueue_scripts…)
 * `hooks:admin` — hooking into admin hooks (admin_head, admin_notices, admin_enqueue_scripts…)
 * `hooks:auth` — hooking into authentication hooks (wp_login, wp_logout, user_register,
   authenticate…)
 * `hooks:content` — hooking into content hooks (save_post, delete_post, pre_get_posts,
   wp_handle_upload…)
 * `hooks:lifecycle` — hooking into plugin and theme lifecycle hooks (activated_plugin,
   deactivated_plugin, switch_theme…)

**Honest limitations:**

This plugin intercepts official WordPress APIs by identifying the calling plugin
via the PHP call stack. It cannot intercept calls made by WordPress core on behalf
of a plugin — for example, when WordPress processes a settings form via `options.
php`, the call stack contains core files rather than the plugin files.

Specific limitations:

 * `options:read` / `options:write` — work when a plugin calls these APIs directly
   from its own code (hooks, AJAX, cron). Do not block standard WordPress settings
   forms processed by `options.php`.
 * Filesystem access (`file_get_contents`, `fopen`, etc.) is not intercepted.
 * Direct `mysqli` connections, `eval()`, and raw PHP file functions bypass all 
   interceptors.
 * `wp_update_user()` and `wp_delete_user()` are covered by `db:write:users` since
   they write directly to the users table.
 * `admin_init` is intentionally excluded from `hooks:admin` as it is too critical
   to block safely.

## Instalación

 1. Upload the `plugseal` folder to `/wp-content/plugins/`.
 2. Activate the plugin through the **Plugins** menu.
 3. Go to **Settings  PlugSeal**.
 4. Select a plugin and toggle individual permissions on or off.

## FAQ

### Does this work with Multisite?

No. Multisite is not supported in this version.

### What happens to my data if I uninstall the plugin?

Data is preserved by default. To delete all data on uninstall, enable the option
in the settings page before deleting the plugin.

### Can a plugin bypass this system?

Yes, if a plugin makes direct database connections or filesystem calls without using
WordPress APIs, or if WordPress core processes actions on its behalf. These are 
known limitations documented above.

## Reseñas

No hay reseñas para este plugin.

## Colaboradores y desarrolladores

«PlugSeal» es un software de código abierto. Las siguientes personas han colaborado
con este plugin.

Colaboradores

 *   [ Marc Armengou ](https://profiles.wordpress.org/marc4/)

«PlugSeal» ha sido traducido a 1 idioma local. Gracias a [los traductores](https://translate.wordpress.org/projects/wp-plugins/plugseal/contributors)
por sus contribuciones.

[Traduce «PlugSeal» a tu idioma.](https://translate.wordpress.org/projects/wp-plugins/plugseal)

### ¿Interesado en el desarrollo?

[Revisa el código](https://plugins.trac.wordpress.org/browser/plugseal/) , echa 
un vistazo al [repositorio SVN](https://plugins.svn.wordpress.org/plugseal/) o suscríbete
al [registro de desarrollo](https://plugins.trac.wordpress.org/log/plugseal/) por
[RSS](https://plugins.trac.wordpress.org/log/plugseal/?limit=100&mode=stop_on_copy&format=rss).

## Registro de cambios

#### 0.1.0 – 2025-04-25

 * Initial release.

## Meta

 *  Versión **0.1.0**
 *  Última actualización **hace 9 horas**
 *  Instalaciones activas **Menos de 10**
 *  Versión de WordPress ** 6.6 o superior **
 *  Probado hasta **7.0**
 *  Versión de PHP ** 8.2 o superior **
 *  Idiomas
 * [Catalan](https://ca.wordpress.org/plugins/plugseal/) y [English (US)](https://wordpress.org/plugins/plugseal/).
 *  [Traducir a tu idioma](https://translate.wordpress.org/projects/wp-plugins/plugseal)
 * Etiquetas
 * [access-control](https://es-co.wordpress.org/plugins/tags/access-control/)[hardening](https://es-co.wordpress.org/plugins/tags/hardening/)
   [permissions](https://es-co.wordpress.org/plugins/tags/permissions/)[security](https://es-co.wordpress.org/plugins/tags/security/)
 *  [Vista avanzada](https://es-co.wordpress.org/plugins/plugseal/advanced/)

## Valoraciones

Aún no se han enviado valoraciones.

[Your review](https://wordpress.org/support/plugin/plugseal/reviews/#new-post)

[Ver todos los comentarios](https://wordpress.org/support/plugin/plugseal/reviews/)

## Colaboradores

 *   [ Marc Armengou ](https://profiles.wordpress.org/marc4/)

## Soporte

¿Tienes algo que decir? ¿Necesitas ayuda?

 [Ver el foro de soporte](https://wordpress.org/support/plugin/plugseal/)