Security issue on plugin users #96
Description
On api request if you are logged in / or you pass a token of not admin user,
the user can add an id of user and get the data information.
If user is not super user or admin should not be possible to search other user id