There are most likely a few ways to fix this. Whether this involves code running only on the WordPress installation or a mix of a WordPress installation and a master server, I don't know yet, but please remember not to have tunnel vision and consider every possible solution:
The scenario is: a WordPress plugin (plugin-A) that handles some kind of valuable data (something which the admin doesn't want stolen), let's say lead data with user's title and emails. The plugin uses its very own db tables.
Apart from the obvious (the admin setting up plugin-B, being unsure of its malicious intent), what's to prevent another WordPress plugin (plugin-B) from being able to access plugin-A's information or hacking plugin-A's files to circumvent security?
The issue here is that you will be attempting to safeguard the machine from something that's running on it. The nature of a WordPress plugin is that it has:
- Database name, account information, together with...
- An active database connection, which it can easily query to locate all tables and their structures, regardless of how obscure
- It's running inside the WordPress script, and can access all globals, functions and classes
If the data you are dealing with is that sensitive, or you simply don't want to be at risk, do not allow plugins (at least not without checking the source code first).
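One way to start the source check suggested above, as an added example that is not part of the original answer: a small Python triage script that flags lines in a plugin's PHP files touching the database credentials, the `$wpdb` connection, table enumeration, tables outside the plugin's own set, or file writes. The patterns, the `own_tables` parameter and the sample plugin-B file are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Heuristic patterns (chosen for this example) mapped to the capabilities listed above.
CHECKS = {
    "db-credentials": re.compile(r"\b(DB_NAME|DB_USER|DB_PASSWORD|DB_HOST)\b"),
    "table-enumeration": re.compile(r"SHOW\s+TABLES|information_schema", re.I),
    "db-handle": re.compile(r"\$wpdb\b|\bmysqli_\w+\s*\(|new\s+(mysqli|PDO)\b"),
    "dynamic-code": re.compile(r"\b(eval|create_function|base64_decode)\s*\("),
    "file-write": re.compile(r"\b(file_put_contents|fwrite|unlink|rename)\s*\("),
}
# Table named through $wpdb->prefix in a query, e.g. FROM {$wpdb->prefix}leads
TABLE_REF = re.compile(r"\b(?:FROM|JOIN|INTO|UPDATE)\s+\{?\$wpdb->prefix\}?(\w+)", re.I)

def audit_plugin(plugin_dir, own_tables=()):
    """Return (relative_path, line_no, finding) for each suspicious line in *.php files."""
    root, findings = Path(plugin_dir), []
    for path in sorted(root.rglob("*.php")):
        rel = path.relative_to(root).as_posix()
        lines = path.read_text(encoding="utf-8", errors="replace").splitlines()
        for no, line in enumerate(lines, start=1):
            for name, pattern in CHECKS.items():
                if pattern.search(line):
                    findings.append((rel, no, name))
            # Tables the plugin did not declare as its own are reported separately.
            for table in TABLE_REF.findall(line):
                if table not in own_tables:
                    findings.append((rel, no, "foreign-table:" + table))
    return findings

# Constructed sample standing in for an unreviewed plugin-B; not a real plugin.
SAMPLE = '''<?php
global $wpdb;
$all = $wpdb->get_col("SHOW TABLES");
$own = $wpdb->get_results("SELECT * FROM {$wpdb->prefix}plugin_b_log");
$rows = $wpdb->get_results("SELECT * FROM {$wpdb->prefix}plugin_a_leads");
file_put_contents($target, $data);
'''

def demo():
    """Write SAMPLE to a temporary plugin directory and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        Path(tmp, "plugin-b.php").write_text(SAMPLE, encoding="utf-8")
        return audit_plugin(tmp, own_tables={"plugin_b_log"})

if __name__ == "__main__":
    for finding in demo():
        print(*finding, sep=":")
```

A pattern scan like this only points a reviewer at lines to read first; obfuscated or dynamically built code can pass it, so a clean result does not replace reading the source.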