Hi,
My browser says: This CKEditor 4.5.7 version is not secure. Consider upgrading to the latest one, 4.24.0-lts: CKEditor 4 | Visual Text Editor for HTML
Well, I found how to upgrade to 4.2.21 with the same alert:
And in Github i found the reason why from July 1st:
In the meantime, I will switch to Tiny Editor
Any feedback will be welcome 
Yes, I’ve encoountered a similar issue (see screenshot below). What to do?
It seems to suggest I need to upgrade to CKEditor 5… Is that necessary in this situation?(using phplist v3.6.12 with php version 8.2.20) There’s a cost involved in doing that and, as far as I remember, I never paid for CKEditor 4.5.7. I presume it come with the initial install.
Any help in clarifying the situation would be much appreciated.
Important - See this topic CKEditor shows warning message about being insecure for how to continue using CKEditor without the warning being displayed.
@miguelss Thanks for raising this issue. I am the developer of the phplist plugin for ckeditor.
Although the pop-up message is a bit annoying I think that they do have a point about people continuing to use out-dated and insecure versions of their software.
But I think that the way ckeditor is used by phplist is a bit different to other uses. In many cases ckeditor is used by one or only a small number of phplist administrators who are generally going to be trusted in what they do. In a more general use of ckeditor, say a contact form or something similar, it might be used by anonymous people with malicious intent.
In the short term the options seem to be:
accept the pop-up message and continue to use the CDN version of ckeditor using a URL similar to //cdn.ckeditor.com/4.22.1/standard/ckeditor.js ckeditor 4.22.1. seems to be the final version that can be used without buying a long-term support licence.
install a copy of ckeditor 4 locally. You can download version 4.22.1 and a few earlier versions from CKEditor 4 - Download Latest Version When I tried this, the last version of ckeditor I found that doesn’t show the pop-up is 4.20.2. Then follow the guidance in the plugin documentation plugin:ckeditor [phpList Resources]
ckeditor 5 looks to be substantially different to ckeditor 4 and therefore not trivial to convert the phplist plugin to use that.
Hi @duncanc, thanks for your replay and the explanation.
And yes, you are right, the easy way is to close the pop-up
Thanks a lot for your effort and your efficiency
Cheers,
@miguelss @phillegg I found a way to hide the warning.
Now it will be displayed only once in a phplist login session instead of every time the Compose page is displayed. I didn’t want to hide it entirely as I think it is quite important and the admin should be aware of it.
But if you really never want to see the message then there is a setting in the CKEditor group on the Settings page
You can upgrade the CKEditor plugin to version 2.7.0 on the Manage Plugins page using the package URL
https://github.com/bramley/phplist-plugin-ckeditor/archive/master.zip
Also, I recommend using the latest version of CKEditor. On the Settings page change the URL to be version 4.22.1
@duncanc you are the best!
It works like a charm!!
Thanks a lot for your effort to create better world 
All my respect to you!!
M.
Any timeline on getting up to CKeditor5 in the future? I would be happy to offer assistance with any testing needed. This is really a needed item for our Marketing Team and they use it regularly.
Thanks,
Doug
