Description In Joomla! before 3.9.14, a missing access check in framework files could lead to a path disclosure. Remediation References CVE-2019-19845 Related Vulnerabilities WordPress Plugin Ditty WordPress-Responsive Slider, List, and Ticker Display Unspecified Vulnerability (1.5.1) WordPress Plugin JH 404 Logger Cross-Site Scripting (1.1) WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5297) WordPress Plugin Read Offline Cross-Site Scripting (0.9.17) WordPress Plugin Admin PHP Eval Unspecified Vulnerability (1.0) Severity Medium Classification CVE-2019-19845 CWE-22 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Tags Missing Update Known Vulnerabilities