I noticed this plugins requires the capability
edit_pages for access to its settings page. Is there any reason for this? Otherwise, all settings/options pages should require the capability
manage_options because that's what this capability is there for.
Currently, non-admin users can easily mess with the plugin's settings because they have the
edit_pages capability. I think you might need to address this.