Security?

I tried this plugin, as the general idea behind it is so cool.

Problem1: I quickly looked at the code and found the php is executed with the “eval” command. That is really scary in many ways: It is a door opener for all sorts of misuse and makes also php bug fixing so very hard.

Problem2: I installed the plugin (as admin) and re-logged with the role of an editor (lower rights level). I could still access all the plugin’s settings, which was unexpected.
So there seems to be not even a solid rights protection. If WordPress is used not only by the owner but content is maintained also by editors, this missing rights protection would be a no-go for me.

I gave up at that point. As much as I would like to use it: I stay away from it for now.

If the security issues are fixed, I would be more than happy to rate this 5 stars.