The Plugin Firewall whitelists 3 conditions that do NOT block, but instead ALLOW:
Your current IP address is allowed
Your Server IP address is allowed
Your Domain name is allowed
Only you, your Server and your domain name are allowed access to the /plugins folder. So to answer your question it does not matter if a hacker knows your IP address. The hacker would need to logged into your website/website domain in order to gain access to the /plugins folder.