Since Wordfence support give a sh*t on support and its users, then I am posting what I have found so far about those attacks.
In different plugin (which is much more better than Wordfence in terms of logs), I have found that attacker is basically trying to find certain files in certain plugins where are bugs or known backdoors. Many of these attacks ends with 404 error, because I do not have those plugins. Here is a short list of files that was attacker trying to reach:
/wp-content/plugins/wp-filemanager/fm.php
/wp-content/plugins/auto-attachments/a-a.css
/wp-content/plugins/wp-image-news-slider/functions.php
/wp-content/plugins/another-wordpress-classifieds-plugin/AWPCP.po
/wp-content/plugins/gallery-plugin/gallery-plugin.php
Pavel