Thus, when a plugin is potentially insecure, it must be approved by someone with appropriate permissions.
The permissions involved are:
|tiki_p_plugin_approve||Can approve plugin execution|
|tiki_p_plugin_preview||Can execute unapproved plugin|
|tiki_p_plugin_viewdetail||Can view unapproved plugin details|
See Plugin Approval