Scratch Addons should not have any security issues in its most recent version, found in the Chrome Web Store and Addons for Firefox.
We only officially support the most recent stable versions of Chrome and Firefox. However, if you found a vulnerability that only occurs if using an old browser version, please report it (see below).
If you find a vulnerability within Scratch Addons (any repository belonging to the organization) please contact World_Languages privately by emailing worldxlanguages (at) gmail.com. If you don’t get a response within 48 hours, please create an issue in this repository mentioning you sent an email.
See our advisories that we have published for vulnerabilities that we have disclosed on this page.