The endpoint /nextcloud/index.php/core/apps/recommended is accessible via the HTTP GET method and doesn't check the anti-CSRF token. If an admin visits this endpoint in a browser, installation of the recommended applications begins immediately.
nextcloud/server: 22.2.2 (at least)
Require the requesttoken for this GET request,
or change the behaviour so that installation is initiated by a manual click (a POST request that checks the requesttoken).
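The second option above, sketched as an added example that is not Nextcloud's code: GET only renders the page, and only a POST carrying the session's requesttoken starts the installation. The `App` and `Session` classes, the `requesttoken` header name and the 403 status are assumptions made for illustration.

```python
import hmac
import secrets

ROUTE = "/core/apps/recommended"


class Session:
    """Constructed stand-in for a logged-in admin session."""

    def __init__(self):
        # Per-session anti-CSRF token; a cross-site page cannot read it.
        self.requesttoken = secrets.token_urlsafe(32)


class App:
    """Hypothetical dispatcher for the recommended-apps route."""

    def __init__(self):
        self.installed = []  # records side effects so they can be checked

    def handle(self, method, path, session, headers=None):
        """Return (status, body); only a token-bearing POST changes state."""
        headers = headers or {}
        if path != ROUTE:
            return 404, "not found"
        if method == "GET":
            # Safe method: show the page and an install button, nothing else.
            return 200, "<button id='install'>Install recommended apps</button>"
        if method == "POST":
            supplied = headers.get("requesttoken", "")
            expected = session.requesttoken
            # Constant-time comparison on bytes avoids timing leaks and
            # TypeError on non-ASCII input.
            if not supplied or not hmac.compare_digest(
                supplied.encode(), expected.encode()
            ):
                return 403, "CSRF check failed"
            self.installed.append("recommended-apps")
            return 200, "installation started"
        return 405, "method not allowed"


if __name__ == "__main__":
    app, admin = App(), Session()
    print(app.handle("GET", ROUTE, admin))    # page only, nothing installed
    print(app.handle("POST", ROUTE, admin))   # forged request without token
    print(app.handle("POST", ROUTE, admin, {"requesttoken": admin.requesttoken}))
```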
{F1517676}
Increased attack surface.
Any unused plugins should be disabled or removed, but this endpoint allows them to be installed.