It is common WordPress security advice to “Ensure your plugins are up to date!”

You can install a plugin that will update plugins immediately, or you can put an instruction in wp-config.php to do the same thing.

We do neither.

For an example why, take a look at the changelog page of the plugin Schema.

You’ll see version with 13 changes, hastily followed by version with the legend

  • Reverted back all changes made in version, since it breaks!


We have found you are much more likely to have a site go down due to plugin conflicts than hacking.  As part of the Maintenance Package at Finflix we combine careful manual upgrades of plugins with offsite backups.