Custom Blocks Constructor – Lazy Blocks, CVE-2025-58258
- CVE, Research URL
- Application
- Published on
- Sep 23, 2025
- Research Description
- Missing Authorization vulnerability in nK Lazy Blocks lazy-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lazy Blocks: from n/a through <= 4.1.0.
- Affected versions
-
max 4.1.1.
- Status
-
vulnerable
| Previous vulnerability researches |
|---|
| Pop ups, Exit intent popups, email popups, banners, bars, countdowns and cart savers – Promolayer (CVE-2024-3602) , Jun 21, 2024 |