The "RCE on WordPress website" vulnerability allows attackers to run unauthorized code on a WordPress server, potentially gaining full control over the website. This severe flaw can lead to data theft, website defacement, or the use of the server for further attacks.
https://hackerone.com/reports/2248328