When you are managing a business, you don’t want everyone working on the website to have administrative privileges. WordPress solves this problem by implementing the concept of roles. Each role has only a certain set of capabilities.
This prevents unwanted access to confidential information and prevents websites from falling into the wrong hands. 🔐
You can see what capabilities each role has from this support article – Roles and Capabilities.
User roles and capabilities are stored in the user_meta table. They can most easily be edited with a plugin, such as Members.