The xmlrpc.php file in WordPress is a common attack point, as it's the API for WordPress that allows for remote management such as creating/editing posts, etc.
As a result of this being a common attack point, we disable it by default on our servers to protect your sites from abuse.
Most modern tools and plugins use the WordPress JSON API to access WordPress functionality these days, or their own plugin rather than the outdated xmlrpc.php method, so please check with the plugin developer first to see which method they actually use.
If you wish to enable xmlrpc.php, then please install a plugin such as Rename XMLRPC from the WordPress directory to rename the xmlrpc.php file to something else and re-enable access to it.
