The WordPress Vulnerability report is as follows.

WordPress 5.5 rolls out with auto-updates for plugins, themes

New updates in which the plugins and themes updated automatically.

WordPress Themes Vulnerabilities

1. WordPress Suspends Astra Theme Vulnerability

• WordPress suspended the Astra theme for five weeks for violating prohibitions on affiliate links. Theme publishers denied that the theme added affiliate links.
• Popular WordPress theme Astra with over one million users has been suspended for five weeks.

It is crucial to the security of your WordPress site that you have an update routine.
You should be logging into your sites at least once a week to perform updates.