CVE-2024-1433 | KDE Plasma Workspace up to 5.93.0 Theme File eventpluginsmanager.cpp enabledPlugins pluginId path traversal

CVE-2024-1433 | KDE Plasma Workspace up to 5.93.0 Theme File eventpluginsmanager.cpp enabledPlugins pluginId path traversal

A vulnerability, which was classified as problematic, was found in KDE Plasma Workspace up to 5.93.0. This affects the function EventPluginsManager::enabledPlugins of the file components/calendar/eventpluginsmanager.cpp of the component Theme File Handler. The manipulation of the argument pluginId leads to path traversal. This vulnerability is uniquely identified as CVE-2024-1433. It is possible to initiate the attack remotely. There is no exploit available. This requires write access to user's home or the installation of third party global themes. It is recommended to apply a patch to fix this issue.