Build With Parameters Plugin 1.5 and earlier does not require POST requests for its form submission endpoint, resulting in a cross-site request forgery (CSRF) vulnerability.
This vulnerability allows attackers to build a project with attacker-specified parameters. Build With Parameters Plugin 1.5.1 requires POST requests for the affected HTTP endpoint.