Wordpress is quite good at working with outdated plugins - some plugins people still use for years after they have ceased development. It's more likely that particular functionality will stop working if a plugin is outdated than bring the entire site down, and it's a bit of a juggling act knowing which things to update and when to hold back. As long as you keep your core Wordpress up to date, WooCommerce (up to a point - ensure your theme is compatible with major WooCommerce revisions) and payment gateways, you're usually OK. If you come across a particular bug you can logically associate with a plugin then it's worth updating it to see if this fixes the problem. When we are maintaining Wordpress sites routinely, we subscribe to security alerts in the security community about when particular plugins have urgent problems, and update plugins/check for bugs, test and where possible fix them (or "freeze" the plugin where it stands) every 1-2 months or so.

What do I do if an updated plugin breaks things?

If this happens to you, there's a nifty trick for getting old versions of plugins back.

  1. Deactivate the broken one
  2. Go to the Wordpress.org Plugin Directory here: https://wordpress.org/plugins/
  3. Search for your plugin's name and go to its page
  4. You can access previous versions by simply adding "download/" to the end of the URL in your browser's address bar, for example here: https://wordpress.org/plugins/smart-variations-images/download/
  5. Download a ZIP by clicking a version number
  6. Install the plugin using this button in the Plugins area of the WP dashboard:

Reasons to try to stay up to date

The biggest risk associated with outdated Wordpress plugins/installations is hacking, such as code injection attacks that fill your site with spam or steal user data. It has happened to a client that fell behind for about a year before coming to us, so it is right to be vigilant.