Sort By Review Count for Amazon
Version 5.24.0314 View in Chrome Web Store
Extension Details
Context-Aware Verdict
The extension has a concerning trust profile with only 4,000 users and an extremely poor rating of 1.8 out of 5 stars from 133 reviews, indicating significant user dissatisfaction. The lack of visible developer information raises additional transparency concerns. While the functionality appears legitimate for Amazon shopping enhancement, the poor user feedback suggests potential issues with reliability or behavior.
The extension requests access to all major Amazon domains globally, which is appropriate for its stated purpose but creates a broad attack surface. The inclusion of extensionpay.com in content scripts suggests monetization features that may not be clearly disclosed to users. The activeTab and storage permissions, while reasonable for the functionality, could be misused given the poor reputation. The low rating combined with broad Amazon access permissions creates potential for data harvesting from shopping activities, including browsing patterns, purchase history, and personal information visible on Amazon pages.
Given the high risk profile, avoid installing this extension. The extremely poor user rating of 1.8 stars is a major red flag that suggests serious functionality or trustworthiness issues. If you absolutely need Amazon sorting functionality, research well-reviewed alternatives with better ratings and more transparent developers. If you must use this extension, run it in a completely separate Chrome profile and avoid accessing sensitive account information while it's active.
Findings
Security Analysis Details
Required Permissions:
- activeTab
- storage
Host Permissions:
- *://*.amazon.ae/*
- *://*.amazon.at/*
- *://*.amazon.ca/*
- *://*.amazon.cn/*
- *://*.amazon.co.jp/*
- *://*.amazon.co.uk/*
- *://*.amazon.com.au/*
- *://*.amazon.com.br/*
- *://*.amazon.com.mx/*
- *://*.amazon.com.sg/*
- *://*.amazon.com.tr/*
- *://*.amazon.com/*
- *://*.amazon.de/*
- *://*.amazon.es/*
- *://*.amazon.fr/*
- *://*.amazon.ie/*
- *://*.amazon.in/*
- *://*.amazon.it/*
- *://*.amazon.nl/*
- *://*.amazon.eg/*
- *://*.amazon.sa/*
Embedded URLs (11 total):
| https://unpkg.com/mvp.css | https://clients2.google.com/service/update2/crx | |
| https://extensionpay.com/ | https://www.amazon.com/s?k=tent&rh=n%3A3147471&ref=nb_sb_noss | |
| https://www.amazon.com/b/ref=dp_bc_aui_C_2?ie=UTF8&node=18457661011 | https://developer.mozilla.org/docs/Mozilla/Add-ons/WebExtensions/API/runtime/onMessage | |
| https://github.com/mozilla/webextension-polyfill/issues/130 | https://extensionpay.com | |
| https://stackoverflow.com/a/68456858 | https://developer.mozilla.org/en-US/docs/Web/API/Window/open | |
| https://github.com/Glench/ExtPay#2-configure-your-manifestjson |
Raw Manifest
{ "name": "Sort By Review Count for Amazon", "icons": { "16": "icon48.png", "48": "icon48.png", "128": "icon128.png" }, "action": { "default_icon": "icon48.png", "default_popup": "popup.html" }, "version": "5.24.0314", "update_url": "https://clients2.google.com/service/update2/crx", "description": "Sort By Review Count for Amazon sorts product search results by most reviewed.", "permissions": [ "activeTab", "storage" ], "content_scripts": [ { "js": [ "ExtPay.js", "common.js", "content.js" ], "css": [ "content.css" ], "matches": [ "*://*.amazon.ae/*", "*://*.amazon.at/*", "*://*.amazon.ca/*", "*://*.amazon.cn/*", "*://*.amazon.co.jp/*", "*://*.amazon.co.uk/*", "*://*.amazon.com.au/*", "*://*.amazon.com.br/*", "*://*.amazon.com.mx/*", "*://*.amazon.com.sg/*", "*://*.amazon.com.tr/*", "*://*.amazon.com/*", "*://*.amazon.de/*", "*://*.amazon.es/*", "*://*.amazon.fr/*", "*://*.amazon.ie/*", "*://*.amazon.in/*", "*://*.amazon.it/*", "*://*.amazon.nl/*", "*://*.amazon.eg/*", "*://*.amazon.sa/*" ] }, { "js": [ "ExtPay.js" ], "run_at": "document_start", "matches": [ "https://extensionpay.com/*" ] } ], "host_permissions": [ "*://*.amazon.ae/*", "*://*.amazon.at/*", "*://*.amazon.ca/*", "*://*.amazon.cn/*", "*://*.amazon.co.jp/*", "*://*.amazon.co.uk/*", "*://*.amazon.com.au/*", "*://*.amazon.com.br/*", "*://*.amazon.com.mx/*", "*://*.amazon.com.sg/*", "*://*.amazon.com.tr/*", "*://*.amazon.com/*", "*://*.amazon.de/*", "*://*.amazon.es/*", "*://*.amazon.fr/*", "*://*.amazon.ie/*", "*://*.amazon.in/*", "*://*.amazon.it/*", "*://*.amazon.nl/*", "*://*.amazon.eg/*", "*://*.amazon.sa/*" ], "manifest_version": 3, "background.service_worker": { "scripts": [ "ExtPay.js", "background.js", "common.js" ], "persistent": false } }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
This extension may not yet be analyzed by Secure Annex.