Both the core WordPress software and the plugins that are used to extend WordPress’s functionality are updated regularly. The updates serve two purposes. One to to expand and improve the functions and use of the software. The second is to fix security vulnerabilities. If you have been on the receiving end of a hack due to those security vulnerabilities, then you know the consequences. Some of them even make the news. The hacks that install malicious software take away the functionally of the site, affects your search engine rankings, not to mention the impression that it gives your users and the effect on your income. The worse outcome is the public release of documents that were accessed via the hack (like this one). Recovery from being hacked takes money and time, so it is much better to prevent it.
To avoid these vulnerabilities WordPress and plugin developers regularly make updates available. We have systems in place to be notified as soon as any update is available for what is on your site and implement that update and check for functionality after the update.