Please report security bugs found in the rocket-lazy-load plugin's source code through the Patchstack Vulnerability Disclosure Program. The Patchstack team will assist you with verification, CVE assignment and take care of notifying the developers of this plugin.