Just a heads-up… I realized today that the Escher plugin can be used by ANY logged in user (even an otherwise-restricted Researcher) to upload plugins, since there’s an Escher button in the sidebar.
Of course, only Super Users can access the plugins interface to actually install or configure plugins.
While it probably isn’t really a functional issue, it could lead to a lot of messiness if a user without site editing permissions decided to experiment and upload random plugins! Deactivating Escher removes the button from the sidebar and solves that problem, but of course it must be reactivated before the next use.
NOTE: Guest User logins only allow front end access, so this is not an issue in that situation.