[ new scan ] [ statistics ] [ github ] [ twitter ] [ help ]

Wix Site Checker

Version 1.0 View in Chrome Web Store

Last scanned: 18 days ago | force re-scan

Extension Details

Developer: Certified Code, Inc.

Rating: 3.7 ★ (3 ratings)

Users: 1,000

Context-Aware Verdict

HIGH

Overall Risk

Trust Factors:

The extension has a concerning trust profile with only 1,000 users and a modest 3.7-star rating from just 3 reviews, indicating limited adoption and mixed user feedback. While published by "Certified Code, Inc." which sounds professional, the lack of detailed developer information and recent update history raises questions about ongoing support and legitimacy.

Concerns:

The extension's permissions are extremely broad and disproportionate to its stated purpose as a "Wix Site Checker." The wildcard host permissions (*://*/*) and content script injection across all websites represent significant overreach. A legitimate Wix site checker would only need access to Wix domains (*.wix.com), not the entire internet. This excessive permission scope creates substantial privacy and security risks, as the extension could monitor all browsing activity, capture sensitive data from any website, or inject malicious content.

Recommendations:

Given the high-risk security findings and questionable permission requirements, consider running this extension in a completely separate Chrome profile if you must use it. Better yet, look for alternative Wix analysis tools that request more appropriate, limited permissions. Before installation, verify the developer's legitimacy and check if similar functionality is available through official Wix tools or browser bookmarklets that don't require such extensive access to your browsing data.

Findings

HIGH

Broad Content Script Injection

This extension can inject scripts into any website. This means it could potentially read sensitive data, modify website content, or steal credentials.

HIGH

Broad Host Permissions

This extension has broad host permissions allowing it to access many or all websites. This could potentially be used to steal sensitive data or track browsing activity.

Raw Manifest

{
  "name": "Wix Site Checker",
  "icons": {
    "128": "false.png"
  },
  "action": {
    "default_icon": {
      "128": "false.png"
    }
  },
  "version": "1.0",
  "background": {
    "service_worker": "background.js"
  },
  "update_url": "https://clients2.google.com/service/update2/crx",
  "description": "Checks if this page was built in Wix",
  "content_scripts": [
    {
      "js": [
        "content.js"
      ],
      "matches": [
        "*://*/*"
      ]
    }
  ],
  "host_permissions": [
    "*://*/*"
  ],
  "manifest_version": 3
}

by ✦ Astarte

Wix Site Checker

Extension Details

Context-Aware Verdict

Findings

Security Analysis Details

Host Permissions:

Embedded URLs (1 total):

Raw Manifest

Detections

Manifest Findings