Hi,
It does not have sense to set any restriction to the user or role if you allow him full access to the plugins: deactivating plugins, installing new plugins use can get full access to the site. The same is right if you give to a user a full access to the User Role Editor.
If you need to provide a restricted access to the WordPress admin back-end, first of all restrict it revoking unneeded user capabilities from the role. Leave capability at the role just in case user can not access some menu item without it.
I created another test role () at your site for demonstration and excluded from it almost all user capabilities you blocks with “Admin Menu”. Just after that I blocked the rest unneeded menu items with “Admin Menu”.
There are much less menu items to block. So, in order to provide you a quick decision for the product search problem with ‘wp-lister’ plugin, I blocked admin menu items for new role with “Block selected” model. When you block menu items using ‘block selected’ URE blocks just them and does not try to block others.
When you use “block not selected” URE compares full URLs, taking in account all parameters and, even if the main menu link is allowed, but you try to open it with the additional parameters, URE may block it, if parameters are not found in the list of allowed parameters. This is a reason why “product search with module” via wp-lister does not work currently with “block not selected” model.
Please test if user with new restricted role has the access, which you try to configure.
