Is Pop up blocker for Chrome™ - Poper Blocker safe to use?

Pop up blocker for Chrome™ - Poper Blocker has a risk level of CRITICAL with an overall risk score of 9.9/10. Our scan detected 96 security findings. This extension has significant security concerns — review the full report before installing.

What permissions does Pop up blocker for Chrome™ - Poper Blocker request?

Pop up blocker for Chrome™ - Poper Blocker requests the following permissions: storage, activeTab, webRequest, declarativeNetRequest, declarativeNetRequestFeedback, contextMenus, scripting, webNavigation, alarms, contentSettings. It also requests host access to: *://*/*, , *://*.facebook.com/*, *://*.linkedin.com/*, *://*.x.com/*, *://*.instagram.com/*, *://*.reddit.com/*, *://*.pinterest.com/*, *://*.youtube.com/*, *://*.chatgpt.com/*.

What is Pop up blocker for Chrome™ - Poper Blocker's risk score?

Pop up blocker for Chrome™ - Poper Blocker has an overall risk score of 9.9/10 (CRITICAL). Breakdown: Permissions 10.0/10, Code 10.0/10, Combinations 10.0/10, CSP 9.3/10.

ExtSafe

Pop up blocker for Chrome™ - Poper BlockerSecurity Analysis

Chromev7.9.5MV3February 16, 2026 at 03:37 PM

9.9CRITICAL

9.9 CRITICAL

This extension shows critical risk indicators. It requests highly sensitive permissions combined with suspicious code patterns. Proceed with extreme caution.

Based on 20 permissions including high-risk ones, 80 code findings, 1 dangerous combination.

Dangerous Combinations(1)

CRITICALNetwork interception + external communication

Extension intercepts network traffic and sends data externally — potential man-in-the-middle behavior.

webRequest/webRequestBlocking+external network request

Permissions

10.0/10

Code

10.0/10

Combinations

10.0/10

Manifest/CSP

9.3/10

Permissions(20 analyzed)

Code Findings(25 patterns, 80 total)

Libraries(1 detected)

1 library detected

Content Security Policy

CSP Present(1 issue)

LOW

object-srcobject-src not restricted

object-src is not set to 'none'. Plugins like Flash can be embedded, which may allow code execution.

Manifest Analysis(7 findings)

Resolved from __MSG_* i18n placeholders:

Name: Pop up blocker for Chrome™ - Poper Blocker

Description: Block popups, ads, cookie requests, trackers, notifications, ads on social media & more. A clean browsing experience starts today.

HIGH

web_accessible_resourcesJS files exposed to web pages

JavaScript files are accessible to ALL websites. Any page can load and interact with these scripts, enabling web→extension attacks.

MEDIUM

web_accessible_resources.matchesOverly broad match patterns

Web-accessible resources use <all_urls> or wildcard patterns, exposing resources to every website.

LOW

externally_connectableExternal messaging enabled

Extension accepts messages from 3 external pattern(s). Verify these are trusted origins.

HIGH

content_scriptsAggressive content script injection

Content script runs at document_start in ALL frames on ALL URLs. This gives the extension deep access to every page load, including iframes.

MEDIUM

content_scriptsContent script injected on all URLs

Content script matches <all_urls>, executing on every website the user visits.

HIGH

content_scriptsAggressive content script injection

Content script runs at document_start in ALL frames on ALL URLs. This gives the extension deep access to every page load, including iframes.

MEDIUM

content_scriptsContent script injected on all URLs

Content script matches <all_urls>, executing on every website the user visits.

External Domains(26)

$1.______addons.mozilla.organalytics.poperblocker.comapi2.poperblocker.comapp.pbapi.xyzapp.poperblocker.combit.lycdn.growthbook.iochromewebstore.google.comdocs.google.comfb.meforms.glegit.iogithub.commicrosoftedge.microsoft.commomentjs.compoperblocker.comreactjs.orgredux.js.orgrt.growthbook.iotinyurl.comtwitter.comwww.facebook.comwww.google-analytics.com