By now you have probably already heard about the changes being made to browsers to reduce phishing online. Google announced changes in Jan 2017 in regards to insecure websites without an SSL. It is something they are intending to push further with the release of Chrome v62 shortly. Added to this, having an SSL has also now been deemed as one of the 4 most important SEO ranking factors.
Browsers are already notifying users when a website is insecure and it will be something flagged more promptly with new releases, which are set to include contact forms and pop ups.
Obviously, this will affect any website CMS or custom framework not just wordpress.
Without an SSL certificate, wordpress (and any other website) will now flag your content as insecure within your browser. Unfortunately this will deter many potential clients and customers visiting your site, regardless as to whether you accept payments online. It will also mean shortlyl that messages will be flagged about your site security on site functionality such as contact forms. Along with that you also need to assess the affect not having an SSL will also now have on your rankings.
Well, luckily most hosting companies offer free SSL certificate options such as Lets Encrypt. So the costs can be kept minimal.
To avoid conversion drops it is something that you really need to set in place.