The plugin did not properly restrict access to some paths, still allowing a restricted user to access them, and edit the Blog Options, create/edit posts and so on for example
To reproduce it, install the plugin, create a new admin user and take all his privileges using the mentioned plugin (block all his access). Result: You’ll still be a able to access those paths. A fully restricted Admin Class user still has access to the following paths: v < 1.0.3 /wp-admin/options.php /wp-admin/post.php?post=1&action;=edit /wp-admin/comment.php?action=editcomment&c;=1 Comments > Approve / Unapprove Comments > Reply Comments > Spam Comments > Trash / Delete Permanently v <= 1.0.3 /wp-admin/options.php/ /wp-admin/post.php/?post=1&action;=edit /wp-admin/comment.php/?action=editcomment&c;=1 v < 1.0.4 /wp-admin/options.php.