If you own a ecommerce website and if it is a open source code application like magento, prestashop, creloaded, oscommerce, opencart, or zencart then upgrade is a must every year, and regular addition of patches is necessary to keep the application safe for yourself and for your customers as well. You can’t risk a hacker entering your website and stealing away your confidential information would you?
The smarter the application becomes the more smarter the hackers become and therefore as an answer to their intrusion every now and then a patch is released to keep the application safe.
And if you have been postponing the upgrade for several years for now, then there are many things that need to be taken into consideration like:
1. Upgrading the extensions, this would mean that you will have to get in touch with each extension vendor and get the upgraded version from them because you are upgrading the whole application so it makes sense to upgrade the extension as well.
2. The downtime in the website will exist when you will move the upgraded application to the live server and thereby replacing the older version. This downtime can be minimized if the server is good and can handle the load of a additional application.
It is not essential that ecommerce owners need to consider the upgrade alone, even CMS owners like wordpress and drupal need to consider this for security reasons and to avail the advanced features as well.
If it is a paid application like Bigcommerce or shopify then you needn’t worry about it, you are already paying them a neat sum every month so they can at least do that for you!