A vulnerability, which was classified as problematic , has been found in Webhooks Plugin up to 3.1.x on Craftcms. Affected is the function renderString of the component That Call Handler . The manipulation leads to improper neutralization of special elements used in a template engine. This vulnerability is uniquely identified as CVE-2026-32261 . The attack is possible to be carried out remotely. No exploit exists. It is advisable to upgrade the affected component.