Mozilla has disabled a third-party add-on called “Mozilla Sniffer” for security reasons, technology news website Cnet reported on Wednesday.
Mozilla issued a statement to all Firefox users that the Mozilla Sniffer had been found to intercept users' login details and send it to third-party websites.
According to Mozilla, the add-on has been downloaded for more than 1,800 times and has 334 active users.
On the company blog, Mozilla wrote: "If a user installs this add-on and submits a login form with a password field, all form data will be submitted to a remote location."
The company added that the third party site appeared to be down.
Users have been advised to uninstall the add-on and to change their passwords to prevent further security risks.
Mozilla wrote: "We're already working on implementing a new security model for addons.mozilla.org that will require all add-ons to be code-reviewed before they are discoverable in the site."