I kind of doubt that you have root. If you have root, you typically know that you have root.
What plugins are you using on your WordPress site? How many plugins? Are the plugins up to date? Are the plugins still being developed by their developers? (i.e. If a plugin was last updated in 2018, it's PROBABLY abandoned). Older plugins may not be performing tasks in an optimal manner.
Posting the answers to these questions here probably isn't going to provide any resolution. I suppose you might luck out and find someone that also had a similar issue with a certain plugin.
My BEST guess - if this is only happening around a certain time - is that one of these plugins is scheduling a task in the wp-cron and the wp-cron is executing this task around a certain time and that's causing your high CPU usage. What that task is? Where to find that task? What plugin is responsible for that task? Can that task be disabled? Those are all questions that I won't be able to answer.
The more plugin you use - that's just more code that each website request will have to filter through. I don't know if there is a dead set "don't use over X number of plugins", but the more plugins you use the more your account is having to work to render pages, the higher the chances are they you have a sub optimal coded plugin, and also the higher the attack surface area you have for security threats.
The principle of least privilege is kind of in play here in regards to plugin usage. The principle of least privilege states that you don't give an entity more privileges than they need to perform a task. The role plugins in play in WordPress in regards to this can be understated. Do you really need a plugin to perform xyz task? What else does that open you up to just to perform the xyz task?