Just looking for a timeline and reassurance…

There was a reply here. It told me to download the zip from the site and install it that way, so I did that. The reply has since been deleted.

So, I left a question about updating on their most recent blog post. At this point in time, nobody has responded. I left the question yesterday. I too would be interested in moving to the paid version, but this isn’t very professional.

Hi!

The plugin is in a good shape and it’s getting better with every new release. A vulnerability has been fixed in WP Cerber 9.2. The actual version is 9.3.

The latest news, releases, and up-to-date information is here: https://wpcerber.com/main/

To stay informed, use our news channels:

Tweets by wpcerber
https://wpcerber.com/subscribe-newsletter/

@qwik3r

The ETA is not set yet. To get informed, subscribe to our newsletter: https://wpcerber.com/subscribe-newsletter/

I still have one (themed) question remaining…

I’ve installed from the zip file as directed. Now, it no longer has automatic updates enabled and that’s not even an option for it.

Will it give me a notice when it’s time to update? Will it do so without my intervention?

Your newsletter would get lost in the shuffle I’m afraid. So, that’s not a realistic option for someone that gets hundreds of emails a day, not counting spam – but a lot of it junk that I can safely ignore.

I’ve never used a plugin from someone other than WordPress, so I have no idea how this works.

Everything works as previously. If you enable “Send notification when a new version of WP Cerber is available” on the Notification tab, you will be informed when a new version is available, no matter if it is available on www.ads-software.com or on our website. If automatic updates for plugins is enabled on your website, WP Cerber will be updated, no matter if it is available on www.ads-software.com or on our website. You can enable/disable this behavior via an option which is on the “Main Settings” tab. See the “Site-specific settings” section.

Thank you for that.

The reason I (and presumably other people) was concerned would be shown in the following image:

View post on imgur.com

I even drew a couple of arrows.

As you can see, it’s not set to automatically update (as far as WordPress is concerned) and there is no option (see the arrow furthest right) to enable automatic updates.

However, so long as I’ll get some sort of notification, I’m good for now – until it’s time to install it again from within the WordPress official extension repository.

Thank you for making it a bit more clear. I can live with manual notifications until you’re back in the repositories. I actually intend to upgrade to the paid release and my ad revenue is reaching the point where that’s likely to be something I can do shortly. So, I’m in this for the long haul.

I did read the CVE and didn’t think that sort of security flaw did not rise to the level of needing to remove the plugin from WordPress’s plugin repositories. But, it’s good to see you were on top of it. Hopefully they clear your replacement plugin and all is well.

Again, thanks. I’m sure you’re busy and I’m pretty verbose as well as curious. I rely on this plugin for a goodly amount of my site’s security.