Out-of-date WordPress files, themes and plugins can lead to your site being compromised. If malicious code is placed on your site, it will automatically affect your ranking on Google. Google is not going to send any visitors to a site with malicious code. In a day, your site can drop like a stone from search listings and then take half a lifetime to get your position back. So to that end, it is vitally important that you conduct regular updates on the WordPress core, plugins, and themes. Aside from the security aspects, keeping WordPress up to date will have a positive impact on the speed and overall performance of your website.
Plugin and Theme Updates
Out-of-date plugins are the back door that some people need to compromise your site. Most hackers will expose vulnerabilities in coding in old plugins. That’s why it’s so important that each time there’s an update to a plug-in, it’s done with immediate effect on your site.
Likewise, old themes can also expose you to vulnerabilities if they are not updated, and these must be done as the theme developers issued them.
The screenshot is part of the code of an Irish site that either, through a plug-in or theme vulnerability, has been compromised. I know that unwittingly selling these products is certainly not part of their core business! I did inform them of the issue on their site.
Website Updates - What we can do
WordPress core updates are flagged in advance so, they can be prepared for.
These are always manually updated on the day of release.
Plugin updates happen nearly every day, and they are updated daily.