As a responsible user, I won’t discuss about the actual case, of course. Since this is not a technical loophole of ChatGPT, I’d like to point out the security weakness conceptually.
Suppose you install two plugins DrSmithPlugin and DrJohnsonPlugin. Most of you don’t want to disclose your chats with your doctor to another stranger doctor. Also, if you are so unlucky in your divorce proceedings (bless your heart, stay married 
), you wouldn’t probably want to share your conversations with HusbandLawyerPlugin with WifeLawyerPlugin.
It is an innate problem: you either give the ChatGPT free will to route your messages to maximize its intelligence, or withhold that free will to diminish its potential.
Right now, the only workaround for me is to advise my users of enabling just one plugin at a time so that the users would make an informed decision of whether they would trust that plugin or not.