HEX
Server: Apache
System: Linux sg241.singhost.net 2.6.32-896.16.1.lve1.4.51.el6.x86_64 #1 SMP Wed Jan 17 13:19:23 EST 2018 x86_64
User: honghock (909)
PHP: 8.0.30
Disabled: passthru,system,shell_exec,show_source,exec,popen,proc_open
$ pwd: /var/softaculous/wp50/
Upload Files
File: //var/softaculous/wp50/add_user.php
<?php

@unlink(__FILE__);

// Validate if the request is from Softaculous
if($_REQUEST['pass'] != '[[autopass]]'){
	die("Unauthorized Access");
}

require_once('wp-blog-header.php');

$user_data = '[[user_data]]';
$user_data = unserialize($user_data);

$add = wp_insert_user($user_data);

$ret = array();

if(is_wp_error($add)){
	$ret['error'] = $add->get_error_messages();
}else{
	$ret['done'] = 1;
}

echo '<add_user>'.serialize($ret).'</add_user>';

exit(0);
@ Telegram