Poor security communication and non-functional updates!

We own the Pro version of the plugin and noticed today that Patchstack is reporting a security vulnerability in the Lite version. Although an update notification for the Pro version does appear in our backend, it is missing the actual “Update” link! Furthermore, only the outdated version is available for download in the plugin’s customer dashboard, and there is no mention of the new version in the changelog either!
Given that the Lite version can be assumed to be relatively similar to the Pro version, there is serious concern that the same security vulnerability exists here as well—yet the Pro version cannot be updated!
This constitutes a complete failure in communication regarding this vulnerability—and specifically toward the very customers who are paying for the product!