aliexpress affiliate malware in shortcode

Hi, my whole multisite got infected by an aliexpress affiliate ad code inserted in html snippet plugin. It infected subsites with with popup ads (dns unlocker + aliexpress and other popups) and in-text ads. Question: Is there a way to protect main site and subsites against other sites who get infected? Wordfence picked it up in the advanced scan, but didnt fix it automatically. I had to delete all plugins in wp-content.