Mark any themes or plugins you want to update by ticking the boxes, then click the button at the top/bottom to start updating them. If you have a habit of ignoring these alerts, it’s time to stop.
As you know, plugins and themes can be updated through the Plugins and the Themes tabs. Also, not all premium third-party themes push automatic updates, so you might want to check their websites every now and then.
More importantly than updating your plugins and themes is keeping WordPress up to date.
39% of hacked WordPress sites were outdated. Sometimes you may need to push off an update because it may interfere with a plugin you’re using, but eventually you may have to lose the plugin to save your site. Leaving WordPress outdated for months is possibly the worst thing you can do.
(Pro tip: Always back-up your site before introducing updates. Just in case there is a hiccup.)
While you’re at it, you should remove the version number from your source code.
By default, WordPress websites carry a meta tag containing the WordPress version number that the site is using. We have to agree with security specialists that this just makes life too easy for hackers.
You can manually remove WordPress’ version number by placing some simple code into your functions.php file. If, as we’ve suggested, you are using a WordPress security plugin, many of them hide your WP version automatically. If you’re considering using a performance plugin, the Perfmatters plugin also includes an option to hide WP version.