Custom Blocks Constructor – Lazy Blocks, CVE-2025-58258

CVE, Research URL: CVE-2025-58258
Home page URL: Security reports for Custom Blocks Constructor – Lazy Blocks
Application: Custom Blocks Constructor – Lazy Blocks
Published on: Sep 23, 2025
Research Description: Missing Authorization vulnerability in nK Lazy Blocks lazy-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lazy Blocks: from n/a through <= 4.1.0.
Affected versions: max 4.1.1.
Status: vulnerable

Custom Blocks Constructor &#8211; Lazy Blocks, CVE-2025-58258