Is Cashback service LetyShops safe to use?

Cashback service LetyShops has a risk level of MEDIUM with an overall risk score of 5.5/10. Our scan detected 69 security findings. This extension has some risks worth reviewing.

What permissions does Cashback service LetyShops request?

Cashback service LetyShops requests the following permissions: tabs, webRequest, storage, notifications. It also requests host access to: .

What is Cashback service LetyShops's risk score?

Cashback service LetyShops has an overall risk score of 5.5/10 (MEDIUM). Breakdown: Permissions 7.0/10, Code 10.0/10, Combinations 10.0/10, CSP 5.3/10.

ExtSafe

Cashback service LetyShopsSecurity Analysis

Chromev5.0.9MV3March 1, 2026 at 05:11 PM

Potentially unsafe

This extension shows concerning patterns that may indicate risky behavior. Proceed with caution.

5.5MEDIUM

5.5 MEDIUMRaw: 8.4

This extension shows some risk signals that are common in legitimate extensions but worth reviewing. Check the details below.

Based on 5 permissions including high-risk ones, 66 code findings, 2 dangerous combinations.

Trust Signals(7.0/10)

Users

1.0M

Rating

4.8(13K reviews)

Developer

LetyShops KFT

Status

Featured

Dangerous Combinations(2)

MEDIUMTab tracking API + external communication

Extension uses tab tracking APIs (onUpdated/query) and communicates with external servers — potential browsing surveillance.

tabs+tabs API usage + external network

CRITICALNetwork interception + external communication

Extension intercepts network traffic and sends data externally — potential man-in-the-middle behavior.

webRequest/webRequestBlocking+external network request

Permissions

7.0/10

Code

10.0/10

Combinations

10.0/10

Manifest/CSP

5.3/10

Permissions(5 analyzed)

Code Findings(12 patterns, 66 total)

Content Security Policy

No CSP Defined(1 issue)

MEDIUM

N/ANo CSP defined

This extension does not define a Content Security Policy. A CSP helps prevent XSS and code injection attacks.

Manifest Analysis(3 findings)

Resolved from __MSG_* i18n placeholders:

Name: Cashback service LetyShops

Description: Get cashback for shopping online with LetyShops!

MEDIUM

web_accessible_resources.matchesOverly broad match patterns

Web-accessible resources use <all_urls> or wildcard patterns, exposing resources to every website.

MEDIUM

content_scriptsContent script injected on all URLs

Content script matches <all_urls>, executing on every website the user visits.

MEDIUM

content_scriptsContent script injected on all URLs

Content script matches <all_urls>, executing on every website the user visits.

External Domains(26)

${ee.domain${le.domain${oe.domain${v.domainangular.ioclub.letyshops.comconnect.mail.ruconnect.ok.rudocs.google.comeapi.letyshops.comforms.gleg.cogithub.comgpsfront.aliexpress.comhelp.letyshops.comimage.letyshops.comletyshops.comsites.google.comstatic.letyshops.comtools.letyshops.comtwitter.comus-central1-excellent-style-170512.cloudfunctions.netvecta.iovk.comwww.chartjs.orgwww.facebook.com