Pinterest Love: Pinterest Screenshot Saver++
Version 1.48 View in Chrome Web Store
Last scanned: about 18 hours ago
Extension Details
Rating:
4.4 ★
(53 ratings)
Users:
20,000
Context-Aware Verdict
This section provides a Claude-based AI analysis that applies additional context to the risk. Results are not guaranteed to be accurate.
HIGH
Overall Risk
Trust Factors:
The extension has a moderate user base of 20,000 users and a decent rating of 4.4/5 from 53 reviews, which suggests some level of user satisfaction. However, the lack of clear developer information and company details raises transparency concerns. The extension's purpose appears to be saving Pinterest screenshots, which is a legitimate use case.
Concerns:
The extension requests extremely broad permissions that far exceed what's necessary for a Pinterest screenshot tool. The combination of tabs, cookies, and all_urls host permissions creates a powerful surveillance capability. The cookies permission is particularly concerning as it allows access to authentication tokens and session data across all websites. Content scripts running on all HTTP/HTTPS sites means the extension can monitor and modify any webpage you visit, not just Pinterest. The tabs permission enables tracking of browsing behavior and tab manipulation beyond the stated functionality.
Recommendations:
Consider running this extension in a separate Chrome profile to isolate it from your main browsing activities and sensitive accounts. Before installation, verify if similar functionality can be achieved through Pinterest's native features or browser screenshot tools. If you must use this extension, regularly review what data it might be collecting and consider using it only when actively saving Pinterest content. Monitor your browser's performance and privacy settings, and uninstall immediately if you notice unusual behavior or unauthorized data access.
Findings
This section provides a detailed analysis of the extension's security posture, without broader context. Assumes worst-case impact.
HIGH
Broad Host Permissions
This extension has broad host permissions allowing it to access many or all websites. This could potentially be used to steal sensitive data or track browsing activity.
HIGH
High-Risk Permission: cookies
This extension has the cookies permission. Can access and modify browser cookies. This could potentially be used maliciously to compromise security or privacy.
HIGH
High-Risk Permission: tabs
This extension has the tabs permission. Can access browser tab information and manipulate tabs. This could potentially be used maliciously to compromise security or privacy.
MEDIUM
Medium-Risk Permission: contextMenus
This extension has the contextMenus permission. Can add items to the context menu.
MEDIUM
Medium-Risk Permission: storage
This extension has the storage permission. Can store data locally.
Security Analysis Details
Required Permissions:
- tabs
- contextMenus
- storage
- cookies
- scripting
Host Permissions:
- <all_urls>
- *://*/*
- *://*.pinterest.com/
Embedded URLs (93 total):
| https://www.pinterest.com/pin/ | https://www.google-analytics.com/collect | |
| https://api.pinterest.com/v3/ | https://api.pinterest.com/v5/ | |
| https://api.pinterest.com/v3/visual_search/lens/search/ | http://www.w3.org/2000/svg | |
| https://i.pinimg.com/upload/default_board_thumbnail_60.jpg | https://www.pinterest.com | |
| http://www.w3.org/1999/xlink | http://www.inkscape.org/ | |
| http://www.inkscape.org/namespaces/inkscape | http://www.w3.org/1999/02/22-rdf-syntax-ns# | |
| http://web.resource.org/cc/ | http://purl.org/dc/elements/1.1/ | |
| http://inkscape.sourceforge.net/DTD/sodipodi-0.dtd | http://sozi.baierouge.fr | |
| http://purl.org/dc/dcmitype/StillImage | http://creativecommons.org/licenses/publicdomain/ | |
| http://openclipart.org/ | https://openclipart.org/detail/24821/-by--24821 | |
| http://creativecommons.org/ns#Reproduction | http://creativecommons.org/ns#Distribution | |
| http://creativecommons.org/ns#DerivativeWorks | https://www.google-analytics.com/g/collect | |
| https://loading.io/ | http://goo.gl/7AJzbL | |
| https://markerjs.com/ | https://masonry.desandro.com | |
| https://bugzilla.mozilla.org/show_bug.cgi?id=548397 | https://bit.ly/getsizebug1 | |
| http://jamesroberts.name/blog/2010/02/22/string-functions-for-javascript-trim-to-camel-case-to-dashed-and-to-underscore/ | http://blog.alexmaccaw.com/css-transitions | |
| https://www.pinterest.com/ | https://www.pinterest.com/login/?referrer=home_page | |
| https://www.pinterest.com/resource/UserSessionResource/create/ | https://www.pinterest.com/resource/UserSessionResource/delete/ | |
| https://www.pinterest.com/_ngjs/resource/UserResource/get/ | https://www.pinterest.com/resource/BoardPickerBoardsResource/get/ | |
| https://www.pinterest.com/_ngjs/resource/BoardsResource/get/ | https://www.pinterest.com/resource/BoardResource/create/ | |
| https://www.pinterest.com/resource/BoardFollowResource/create/ | https://www.pinterest.com/resource/BoardFollowResource/delete/ | |
| https://www.pinterest.com/resource/UserFollowResource/create/ | https://www.pinterest.com/resource/UserFollowResource/delete/ | |
| https://www.pinterest.com/_ngjs/resource/UserFollowingResource/get/ | https://www.pinterest.com/resource/UserFollowersResource/get/ | |
| https://www.pinterest.com/resource/PinResource/create/ | https://www.pinterest.com/resource/RepinResource/create/ | |
| https://www.pinterest.com/resource/PinLikeResource/create/ | https://www.pinterest.com/resource/PinLikeResource/delete/ | |
| https://www.pinterest.com/resource/PinResource/delete/ | https://www.pinterest.com/resource/PinCommentResource/create/ | |
| https://www.pinterest.com/_ngjs/resource/BoardInviteResource/create/ | https://www.pinterest.com/_ngjs/resource/BoardCollaboratorResource/delete/ | |
| https://www.pinterest.com/resource/VisualLiveSearchResource/get/ | https://www.pinterest.com/resource/SearchResource/get/ | |
| https://www.pinterest.com/resource/AdvancedTypeaheadResource/get/ | https://www.pinterest.com/_ngjs/resource/BoardContentRecommendationResource/get/ | |
| https://www.pinterest.com/_ngjs/resource/FindPinImagesResource/get/ | https://www.pinterest.com/resource/BoardFeedResource/get/ | |
| https://www.pinterest.com/_ngjs/resource/UserHomefeedResource/get/ | https://www.pinterest.com/resource/UserPinsResource/get/ | |
| https://www.pinterest.com/resource/BaseSearchResource/get/ | https://www.pinterest.com/_ngjs/resource/BoardInvitesResource/get/ | |
| https://www.pinterest.com/_ngjs/resource/AggregatedCommentResource/create/ | https://www.pinterest.com/_ngjs/resource/AggregatedCommentFeedResource/get/ | |
| https://www.pinterest.com/_ngjs/resource/AggregatedCommentResource/delete/ | https://www.pinterest.com/resource/ConversationsResource/get/ | |
| https://www.pinterest.com/resource/ConversationsResource/create/ | https://www.pinterest.com/resource/ConversationMessagesResource/get/ | |
| https://www.pinterest.com/resource/ConversationMessagesResource/create/ | https://www.pinterest.com/resource/BoardSectionResource/create/ | |
| https://www.pinterest.com/resource/BoardSectionsResource/get/ | https://www.pinterest.com/resource/BoardSectionEditResource/delete/ | |
| https://www.pinterest.com/resource/BoardSectionPinsResource/get/ | https://www.pinterest.com/upload-image/ | |
| https://pinterest.com/resource/BoardFollowersResource/get/ | https://www.pinterest.com/resource/ApiResource/create/ | |
| https://treesforall.nl/app/uploads/2022/03/Bos-Nederland-Epe-0x835-c-default.webp | https://treesforall.nl |
Page 1 of 2
Raw Manifest
{ "name": "Pinterest Love: Pinterest Screenshot Saver++", "icons": { "16": "icons/icon16x16.png", "24": "icons/icon24x24.png", "32": "icons/icon32x32.png", "48": "icons/icon48x48.png", "128": "icons/icon128x128.png" }, "action": { "default_icon": { "16": "icons/icon16x16.png", "24": "icons/icon24x24.png" }, "default_popup": "popup/popup.html" }, "author": "@vitaminiser", "version": "1.48", "commands": { "LaunchGrid": { "description": "List images on a current page", "suggested_key": { "mac": "Command+Shift+L", "windows": "Ctrl+Shift+L" } }, "PinScreenshot": { "description": "Pin screenshot", "suggested_key": { "mac": "Command+Shift+S", "default": "Ctrl+Shift+S" } }, "QuickScreenshot": { "description": "Pin quick screenshot", "suggested_key": { "mac": "Command+Shift+Q", "windows": "Ctrl+Shift+Q" } }, "FullPageScreenshot": { "description": "Full page screenshot", "suggested_key": { "mac": "Command+Shift+F", "windows": "Ctrl+Shift+F" } } }, "background": { "service_worker": "background.js" }, "short_name": "Pinterest Love", "update_url": "https://clients2.google.com/service/update2/crx", "description": "Save screenshots and other images to Pinterest, visually search pins and list pinnable images on a page.", "permissions": [ "tabs", "contextMenus", "storage", "cookies", "scripting" ], "homepage_url": "https://twitter.com/vitaminiser", "options_page": "options/options.html", "content_scripts": [ { "js": [ "common.js", "libs/dom.js", "libs/onyx.js", "localisation.js", "page/hoverbutton.js", "page/page.js", "page/messages.js" ], "css": [ "page/page.css", "page/hoverbutton.css" ], "run_at": "document_start", "matches": [ "http://*/*", "https://*/*" ], "all_frames": false }, { "js": [ "page/inject.js" ], "run_at": "document_end", "matches": [ "http://*/*", "https://*/*" ], "all_frames": true } ], "host_permissions": [ "<all_urls>", "*://*/*", "*://*.pinterest.com/" ], "manifest_version": 3, "web_accessible_resources": [ { "matches": [ "*://*/*" ], "resources": [ "icons/*.png", "css/darkmode.css", "options/news.json", "options/options.html", "create/create2.html", "grid/grid.html", "search/search.html", "screenshotTab/screenshotTab.html", "darkmode/pinterest.css" ] } ] }
ⓘ CRXaminer has partnered with our friends at Secure Annex to provide additional findings unique to their platform.
Secure Annex also analyzes extensions from other browsers, IDEs, and can continuously monitor.
Loading Secure Annex data...
Unable to load Secure Annex data.
This extension may not yet be analyzed by Secure Annex.
Detections
0Critical
0
High
0
Medium
0
Low
0
Has Verdicts
Yes
Manifest Findings
0Critical
0
High
0
Medium
0
Low
0
Secure Annex analyzed version: -