Generally, WordPress auto updates are safe in terms of security and vulnerabilities. In fact, most web hosting services like Bluehost, Dreamhost and others, will automatically push WordPress security updates out automatically, requiring you as the admin to do nothing. They will usually send an email notification letting you know of the update.
However, there are times when automatic updates may break your WordPress theme or plugins. Personally, for the websites we manage, we only allow the hosting security updates to update automatically. We prefer to update each core update, theme update and plugin update individually. This allows us to look at each update systematically to ensure that the update won’t break the customer’s website.
If you’re a small business owner or marketing team responsible for maintaining your website, you can check the compatibility of the plugin update, for example, by clicking the view details link of the plugin in the updates section of your WordPress admin. By clicking the view details link, you’ll see what changes have been made to the plugin and generally any notes from other users who’ve also updated the plugin.
How ever you decide to your WordPress updates, it’s important that they are done or you can run into major problems down the road.
If you’re still unsure about WordPress updates and maintenance, please feel free to reach out to us for help.