A vulnerability marked as problematic has been reported in fahadmahmood Keep Backup Daily Plugin up to 2.1.2 on WordPress. The impacted element is the function sanitize_text_field of the component HTML Attribute Handler . Performing a manipulation of the argument val results in HTML injection. This vulnerability was named CVE-2026-3577 . The attack may be initiated remotely. There is no available exploit. It is suggested to upgrade the affected component.