This indicates an attack attempt to exploit a Remote File Inclusion vulnerability in MM Forms Community Plugin for WordPress.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application when handling uploaded files. A remote attacker can exploit this to upload arbitrary files and by making a direct request to the file, also execute the script file uploaded.
MM Forms Community plugin 2.2.5 and 2.2.6 for WordPress
System Compromise: Remote attackers can execute arbitrary script code in the context of the affected site.
Currently we are unaware of any vendor supplied patch or updates available for this issue.