CVE-2026-32261 | Webhooks Plugin up to 3.1.x on Craftcms That Call renderString special elements used in a template engine (GHSA-8wg7-wm29-2rvg)

Inserito da Angelo Barbosa | Mar 16, 2026 | CVE

A vulnerability, which was classified as problematic, has been found in Webhooks Plugin up to 3.1.x on Craftcms. Affected is the function renderString of the component That Call Handler. The manipulation leads to improper neutralization of special elements used in a template engine.

This vulnerability is uniquely identified as CVE-2026-32261. The attack is possible to be carried out remotely. No exploit exists.

It is advisable to upgrade the affected component.

CVE-2026-32261 | Webhooks Plugin up to 3.1.x on Craftcms That Call renderString special elements used in a template engine (GHSA-8wg7-wm29-2rvg)

Post correlati

CVE-2019-25270 | SOCA Access Control System 141007/170000/180612 POST Request logged_page.php cross site scripting (ID 152837 / XFDB-160976)

CVE-2024-4282 | Brocade SANnav up to 2.3.1a SSH risky encryption

CVE-2025-7884 | Eluktronics Control Center 5.23.51.41 REG File data authenticity

CVE-2024-47774 | GStreamer up to 1.24.9 gstavisubtitle.c gst_avi_subtitle_parse_gab2_chunk name_length out-of-bounds (GHSL-2024-262)