It would be great if you could share it here, the plugin name or at least part of the malicious code, we can learn and search in our website files.
You can send it to any website security providers like sucuri or to wordfence at samples@wordfence.com. So that it could go global if its a genuine issue.
Thank You
swachhsite.com