Some people think opting to NOT upgrade WordPress instead of paying to make sure that their theme and plugins don't break during an upgrade can save them money. I am here to tell you this is just not the case.
Some plugins do not maintain their settings on update, and there may be conflicts with a new WordPress version, but my experience is that this is the exception, rather than the rule.
If you don't upgrade WordPress your site runs an increased risk of being hacked. This is unfortunately, one of the downsides of open source software - it's also available to hackers who look for potential security holes.
I've seen the aftermath of sites hacked and the cost of lost business is far more expensive than upgrading and possibly having to pay a developer to tweak your theme or find a new plugin.
When you update plugins make sure to have a backup, then have the following backend pages open in different browser tabs: Widgets, the settings page(s) of the plugin(s) to be updated, and the site's front page. This way you can see if the plugin's settings were maintained after updating, or if there are any other issues.