ExtensionPedia
Adobe Acrobat: PDF edit, convert, sign tools

Adobe Acrobat: PDF edit, convert, sign tools

Do more in Google Chrome with Adobe Acrobat PDF tools. View, fill, comment, sign, and try convert and compress tools.

Risk Analysis CVEs Behavioral Detections Permissions Host Permissions Secrets Privacy policy
Send Feedback
Risk Summary

3.6 /10

Low Risk

For extension version 26.5.2.0

Latest Version
Critical Permissions Severity
3 CVEs
Updated Version Age
Manifest V3
Available in Chrome Web Store
Privacy Policy Available
Fair Engagement Rate
CVEs (3)
ID Severity CVSS
CVE-2020-11022

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

Moderate
6.9
CVE-2020-11023

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

Moderate
6.9
CVE-2019-11358

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

Moderate
6.1
Behavioral Detections

Behavioral Detections

Unlock the full MITRE ATT&CK matrix

Request a Demo
Permissions (15)
Name Severity
Cookies

Extensions with the cookies permission can retrieve and modify cookies (requires host permissions).

Critical
Request Read

Access to network traffic

Critical
Scripting

Extensions with the scripting permission can inject and execute code in web pages, which can potentially be used for data exfiltration or session hijacking (requires host permissions, available since Manifest V3).

Critical
Declarative Net Request

Extensions with the declarativeNetRequest permission can block network requests without requiring host permissions, and redirect requests and modify headers if it has host permissions.

High
History

Extensions with the history permission can add, remove, and query for URLs in the browser's history.

High
Tabs

Extensions with the tabs permission can query the url, pendingUrl, title, and favIconUrl of any tab.

High
Web Navigation

Extensions with the webNavigation permission can track websites the user visits by listening to navigation events.

High
Alarms

Extensions with the alarms permission can schedule code to run periodically or at a specified time in the future.

Medium
Bookmarks

Extensions with the bookmarks permission can create, organize, and otherwise manipulate bookmarks.

Medium
Context Menus

Extensions with the contextMenus permission can add items to the browser's context menu (also known as the right-click menu).

Medium
Downloads

Extensions with the downloads permission can programmatically initiate, monitor, manipulate, and search for downloads. This can be used to download scripts.

Medium
Native Messaging

Extensions with the nativeMessaging permission can communicate with cooperating applications installed on the user's machine.

Medium
Off Screen

Use the offscreen API to create and manage offscreen documents.

Medium
Side Panel

Extensions with the sidePanel permission can display content in the browser's side panel alongside the main content of a webpage, enabling a persistent interface that complement the user's browsing journey (available since Manifest V3).

Medium
Storage

Extensions with the storage permission can store and retrieve user data, which can persist even after clearing the cache and browsing history.

Medium
Host Permissions (1)
<all_urls>
Secrets

No Secrets Found

No exposed API keys or credentials were detected

Privacy Policy

Privacy Policy

Unlock privacy policy risk assessment

Request a Demo