How to get rid of this uploader added by hacker?

Some hacker injected code into one of my website admin dashboard that is showing a form in the header probably allowing him to upload some malware/files onto the server to carry out further attacks. Can someone please check what this is and tell me how to get rid of it?

https://drive.google.com/file/d/1F8JCFR4u82-IrsDr7XIFtDY4mH9zw7IH/view?usp=sharing

The text says something like “3.10.0-693.17.1.2.ELK.el6” , which I Googled and found that several websites were infected with it in past.

It is showing only on someone of the pages after logging into wordpress dashboard. I haven’t tried checking what happens if I use that thing as it might break something.