Outdated WordPress Themes and Plugins is a security vulnerability
WordPress is software and all software needs periodical updates, not only to add new functionality, but more often to fix new security vulnerabilities. We evolve, we get better, faster and smarter, but this means that our threats evolve too. WordPress is popular and also a popular target for cyber criminals.
Cyber criminals are constantly monitoring release notes to learn about new vulnerabilities, you may have a small website, not storing much information, you might not even think a cyber criminal would be interested in your website, think again..
Your website can be used as a tool to attack other websites, information can be cloaked and hidden on your server for others to download. Cyber criminals may even interact with your potential clients… the list goes on and on.