{"id":95236,"date":"2018-12-06T17:21:50","date_gmt":"2018-12-06T17:21:50","guid":{"rendered":"https:\/\/it.wordpress.org\/plugins\/cambia-utente\/"},"modified":"2026-06-04T09:02:09","modified_gmt":"2026-06-04T09:02:09","slug":"cambia-utente","status":"publish","type":"plugin","link":"https:\/\/cy.wordpress.org\/plugins\/cambia-utente\/","author":14536151,"comment_status":"closed","ping_status":"closed","template":"","meta":{"version":"1.5","stable_tag":"1.5","tested":"7.0","requires":"6.5","requires_php":"7.4","requires_plugins":null,"header_name":"Cambia Utente","header_author":"DevFabio","header_description":"Questo plugin permette di simulare e verificare l'accesso dei clienti di woocommerce. Ottimo strumento per controllare gli ordini effettivamente attivi come i download.","assets_banners_color":"","last_updated":"2026-06-04 09:02:09","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"https:\/\/wordpress.org\/plugins\/cambia-utente\/","header_author_uri":"https:\/\/profiles.wordpress.org\/devfabio\/","rating":5,"author_block_rating":0,"active_installs":0,"downloads":9560,"num_ratings":1,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"1.0":{"tag":"1.0","author":"DevFabio","date":"2018-12-06 17:14:12"},"1.5":{"tag":"1.5","author":"DevFabio","date":"2026-06-04 09:02:09"}},"upgrade_notice":{"1.5":"<p>Recommended security and reliability update: stricter capability and nonce checks,\nfully escaped output, and a proper Stable tag.<\/p>"},"ratings":{"1":0,"2":0,"3":0,"4":0,"5":"1"},"assets_icons":[],"assets_banners":[],"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.0","1.5"],"block_files":[],"assets_screenshots":[],"screenshots":[]},"plugin_section":[],"plugin_tags":[3897,5593,602,1917,286],"plugin_category":[45,59],"plugin_contributors":[165218],"plugin_business_model":[],"class_list":["post-95236","plugin","type-plugin","status-publish","hentry","plugin_tags-administrator","plugin_tags-customer","plugin_tags-login","plugin_tags-users","plugin_tags-woocommerce","plugin_category-ecommerce","plugin_category-utilities-and-tools","plugin_contributors-devfabio","plugin_committers-devfabio"],"banners":[],"icons":{"svg":false,"icon":"https:\/\/s.w.org\/plugins\/geopattern-icon\/cambia-utente.svg","icon_2x":false,"generated":true},"screenshots":[],"raw_content":"<!--section=description-->\n<p>Cambia Utente adds an admin screen that lists the site users and lets an\nadministrator log in as any of them with one click. It is handy for support and\ndebugging: you can check what a WooCommerce customer actually sees \u2014 active\norders, available downloads, account pages \u2014 without asking for their password.<\/p>\n\n<p>How it works:<\/p>\n\n<ul>\n<li>A top-level <strong>Cambia Utente<\/strong> menu (icon: people) is added to wp-admin.<\/li>\n<li>The screen lists users with name and email and an <strong>Log in<\/strong> button each.<\/li>\n<li>Clicking a button replaces your session with that user's session and sends you\nto the site front page as that user.<\/li>\n<li>To go back to your account, log out and log in again as administrator.<\/li>\n<\/ul>\n\n<p>Security:<\/p>\n\n<ul>\n<li>The screen and the switch action are restricted to users with the <code>edit_users<\/code>\ncapability (administrators), customisable via the <code>cambia_utente_capability<\/code> filter.<\/li>\n<li>Every switch is protected by a WordPress nonce.<\/li>\n<li>The plugin stores no options, creates no tables and sends no data to external services.<\/li>\n<\/ul>\n\n<!--section=installation-->\n<ol>\n<li>Upload the <code>cambia-utente<\/code> folder to <code>\/wp-content\/plugins\/<\/code>, or install the\nplugin from the Plugins screen in WordPress.<\/li>\n<li>Activate the plugin through the \"Plugins\" menu in WordPress.<\/li>\n<li>Open the <strong>Cambia Utente<\/strong> menu in wp-admin and click <strong>Log in<\/strong> next to a user.<\/li>\n<\/ol>\n\n<!--section=faq-->\n<dl>\n<dt id=\"who%20can%20switch%20user%3F\"><h3>Who can switch user?<\/h3><\/dt>\n<dd><p>Only logged-in administrators (users with the <code>edit_users<\/code> capability). You can\nchange the required capability with the <code>cambia_utente_capability<\/code> filter.<\/p><\/dd>\n<dt id=\"how%20do%20i%20switch%20back%20to%20my%20administrator%20account%3F\"><h3>How do I switch back to my administrator account?<\/h3><\/dt>\n<dd><p>Log out and log back in as administrator. The plugin performs a one-way switch by\ndesign and keeps no impersonation state.<\/p><\/dd>\n<dt id=\"does%20it%20require%20woocommerce%3F\"><h3>Does it require WooCommerce?<\/h3><\/dt>\n<dd><p>No. It works with any WordPress users. It is especially useful together with\nWooCommerce to inspect a customer's orders and downloads.<\/p><\/dd>\n<dt id=\"does%20the%20plugin%20send%20any%20data%20to%20external%20services%3F\"><h3>Does the plugin send any data to external services?<\/h3><\/dt>\n<dd><p>No. Everything happens on your own site; no third party is contacted.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>1.5<\/h4>\n\n<ul>\n<li>Security: capability check moved to <code>edit_users<\/code>, all input is unslashed and\nsanitised, and the nonce is verified before any action.<\/li>\n<li>The user switch now runs on <code>admin_init<\/code>, clears the previous auth cookie and\nredirects after switching.<\/li>\n<li>Output is fully escaped; the inline <code>&lt;style&gt;<\/code> block was moved to an enqueued\nstylesheet loaded only on the plugin page.<\/li>\n<li>Added a guard against direct file access (ABSPATH check) and the\n  cambia_utente_capability filter.<\/li>\n<li>Fixed the user display name (was reading a non-existent property).<\/li>\n<li>Completed the plugin header and rewrote the readme in English with a Stable tag\nand License URI (the previous readme had no Stable tag).<\/li>\n<\/ul>\n\n<h4>1.4<\/h4>\n\n<ul>\n<li>Previous public release.<\/li>\n<\/ul>","raw_excerpt":"Log in as another user (e.g. a WooCommerce customer) to verify their access, orders and downloads.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/cy.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/95236","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cy.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/cy.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/cy.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=95236"}],"author":[{"embeddable":true,"href":"https:\/\/cy.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/devfabio"}],"wp:attachment":[{"href":"https:\/\/cy.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=95236"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/cy.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=95236"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/cy.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=95236"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/cy.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=95236"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/cy.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=95236"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/cy.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=95236"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}