diff --git a/includes/core/class-secure.php b/includes/core/class-secure.php
index 437e6de0..16093100 100644
--- a/includes/core/class-secure.php
+++ b/includes/core/class-secure.php
@@ -291,8 +291,9 @@ if ( ! class_exists( 'um\core\Secure' ) ) {
$settings['secure']['title'] = __( 'Secure', 'ultimate-member' );
$banned_admin_capabilities_options = array();
+ $default_locked_cap_options = array( 'manage_options', 'promote_users', 'level_10' );
foreach ( $this->banned_admin_capabilities as $i => $cap ) {
- if ( in_array( $cap, array( 'manage_options', 'promote_users', 'level_10' ), true ) ) {
+ if ( in_array( $cap, $default_locked_cap_options, true ) ) {
continue;
}
$banned_admin_capabilities_options[ $cap ] = $cap;
@@ -329,7 +330,7 @@ if ( ! class_exists( 'um\core\Secure' ) ) {
'multi' => true,
'columns' => 2,
'options' => $banned_admin_capabilities_options,
- 'value' => UM()->options()->get( 'banned_capabilities' ) ? array_keys( UM()->options()->get( 'banned_capabilities' ) ) : array_keys( $banned_admin_capabilities_options ),
+ 'value' => UM()->options()->get( 'banned_capabilities' ) ? array_keys( UM()->options()->get( 'banned_capabilities' ) ) : array_keys( $default_locked_cap_options ),
'label' => __( 'Banned Administrative Capabilities', 'ultimate-member' ),
'description' => __( 'All the above are default Administrator & Super Admin capabilities. When someone tries to inject capabilities to the Account, Profile & Register forms submission, it will be flagged with this option. The manage_options, promote_users & level_10 capabilities are locked to ensure no users will be created with these capabilities.', 'ultimate-member' ),
),