Because of these vulnerabilities, the attackers can obtain sensitive information via a direct request to wp-admin/upgrade-functions.php, wp-includes/vars.php, wp-admin/edit-form.php, wp-content/plugins/hello.php, wp-settings.php or wp-admin/edit-form-comment.php.
Update the WordPress to the latest available version (at least 1.5.2).