That's your first message and you want somethings. , what did you for forum? Why am i help to you?
You can try bruteforce on panels and very effective hacking tactis is exploits. Search exploit. Exploit-db etc...
SQL İnjection better than others exploit and sql is common exploit. You can find this expliot everywhere(Wordpress and ready scripts excluding.) You can find code injection(for wp 4.7.0 and 4.7.1)on that forum. Type to searchbar.
You can't shell upload with code injection exploit but you can upload your index to page with code injection exploit. Hacking isn't easy Wordpress have upload exploit in very old versions. You can do social engineering, that's working everytime