Updating WordPress is not an easy process

Wordpress is universally recognized around the world as the most versatile content management system.
98 million websites in the world are powered by Wordpress.
But the more popular a software product is, the more cybercriminals are trying to hack it.
A hacked site based on Wordpress can be a carrier of malicious code that spreads spam and various software viruses. Wordpress is known to be the most hacked CMS in the world.
Wordpress developers pay great attention to system security, identify weaknesses in the program code, fix bugs and regularly release CMS updates.

One way to improve the protection of a wordpress site is to update it regularly.
It is not recommended to immediately update the core of a live site directly. Installed plugins may not understand this and stop functioning. It is good if the plugins have updates to the current updated version of wordpress, and if not ... The plugins stop working and ... The site does not work.
 Therefore, the update must be carried out sequentially in the debug virtual environment where the debug version of the site is located, which coincides with the current working version.
For a virtual debugging environment, you can use the WAMP server, which is installed in Windows OS on your local desktop computer.
Let's assume that a copy of a production site is already installed in a debug environment.

To update a site on Wordpress, do the following ...
Open the administrative panel of the site, click on the Update button as shown in the photo below.

Another panel will open for updates to Wordpress, plugins, and current templates.

Click "Update Now" to start the process.

At the same time, carefully monitor the functional changes in the site.

Then update the plugins and the current site template.

A full functional bump test must be performed after the upgrade.
If the updates were successful, we place the updated version on the hosting instead of the previous working one.

Due to possible malfunctions of the site, it is not recommended to enable automatic updating of the Wordpress core, plugins and templates. 

 For security purposes, daily monitoring of the release of the updated version of Wordpress, installed themes and plugins is required. It is necessary to timely and promptly apply updates, monitor the site's performance. To do this, you need a specialist - a site administrator. The site owner can act as an administrator himself. However, updating the system is a laborious process and will take a lot of time. However, safety is paramount.