Is Free Download Manager safe to use?

Free Download Manager has a risk level of MEDIUM with an overall risk score of 5.0/10. Our scan detected 20 security findings. This extension has some risks worth reviewing.

What permissions does Free Download Manager request?

Free Download Manager requests the following permissions: cookies, webRequest, declarativeNetRequest, downloads, nativeMessaging, contextMenus, activeTab, storage, history, tabs, notifications, alarms, scripting. It also requests host access to: , *://*/*.

What is Free Download Manager's risk score?

Free Download Manager has an overall risk score of 5.0/10 (MEDIUM). Breakdown: Permissions 9.5/10, Code 0.6/10, Combinations 10.0/10, CSP 7.5/10.

ExtSafe

Free Download ManagerSecurity Analysis

Chromev3.2.5MV3February 18, 2026 at 11:39 AM

Use with caution

This extension requests significant permissions. It has 3M+ users, a 3.3 star rating, but review the findings below.

5.0MEDIUM

5.0 MEDIUMRaw: 6.2

This extension shows some risk signals that are common in legitimate extensions but worth reviewing. Check the details below.

Based on 15 permissions including high-risk ones, 10 code findings, 3 dangerous combinations.

Trust Signals(4.0/10)

Users

3.0M

Rating

3.3(5K reviews)

Dangerous Combinations(3)

HIGHCookie access + external network

Extension has cookie access and sends data to external servers — potential session token theft.

cookies+external network request

CRITICALNetwork interception + external communication

Extension intercepts network traffic and sends data externally — potential man-in-the-middle behavior.

webRequest/webRequestBlocking+external network request

HIGHHistory access + external communication

Extension reads browsing history and sends data externally — potential history exfiltration.

history+external network request

Permissions

9.5/10

Code

0.6/10

Combinations

10.0/10

Manifest/CSP

7.5/10

Permissions(15 analyzed)

Code Findings(7 patterns, 10 total)

Content Security Policy

CSP Present(1 issue)

LOW

object-srcobject-src not restricted

object-src is not set to 'none'. Plugins like Flash can be embedded, which may allow code execution.

Manifest Analysis(5 findings)

Resolved from __MSG_* i18n placeholders:

Name: Free Download Manager

Description: Free Download Manager integration with browser

LOW

externally_connectableExternal messaging enabled

Extension accepts messages from 1 external pattern(s). Verify these are trusted origins.

HIGH

content_scriptsAggressive content script injection

Content script runs at document_start in ALL frames on ALL URLs. This gives the extension deep access to every page load, including iframes.

HIGH

content_scriptsAggressive content script injection

Content script runs at document_start in ALL frames on ALL URLs. This gives the extension deep access to every page load, including iframes.

HIGH

content_scriptsAggressive content script injection

Content script runs at document_start in ALL frames on ALL URLs. This gives the extension deep access to every page load, including iframes.

HIGH

content_scriptsAggressive content script injection

Content script runs at document_start in ALL frames on ALL URLs. This gives the extension deep access to every page load, including iframes.

External Domains(6)

files2.freedownloadmanager.orgfreedownloadmanager.orgstackoverflow.comwww.freedownloadmanager.orgwww.sample-videos.comwww.youtube.com

Indicators of Compromise

5 indicators of compromise found

File Statistics

Total Files

JS Files

719.4 KB

Total Size

Other Scanned Extensions

Image downloader - Imageye