Don't have Telegram yet? Try it now!
https://blog.wpsec.com/csrf-to-rce-wordpress/
From CSRF to RCE and WordPress-site takeover: CVE-2020-8417