Custom Blocks Constructor – Lazy Blocks, CVE-2025-58258
- CVE, Research URL
- Application
- Published on
- Sep 23, 2025
- Research Description
- Missing Authorization vulnerability in nK Lazy Blocks lazy-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lazy Blocks: from n/a through <= 4.1.0.
- Affected versions
-
max 4.1.1.
- Status
-
vulnerable
| Previous vulnerability researches |
|---|
| YITH WooCommerce Quick View (CVE-2019-16251) , Jun 07, 2024 |
| YITH WooCommerce Quick View (CVE-2025-8617) , Apr 24, 2026 |