It is common WordPress security advice to “Ensure your plugins are up to date!”
You can install a plugin that will update plugins immediately, or you can put an instruction in wp-config.php to do the same thing.
We do neither.
For an example why, take a look at the changelog page of the plugin Schema.
You’ll see version 220.127.116.11 with 13 changes, hastily followed by version 18.104.22.168.1 with the legend
- Reverted back all changes made in version 22.214.171.124, since it breaks!
We have found you are much more likely to have a site go down due to plugin conflicts than hacking. As part of the Maintenance Package at Finflix we combine careful manual upgrades of plugins with offsite backups.