In image_picker's README is stated:

This permission is not required for image picking on iOS 11+ if you pass false for requestFullMetadata.

And while this is true for testing, when uploading the app build to the App Store after a few minutes of processing I received this email:

Dear Developer,

We identified one or more issues with a recent delivery for your app, "app-name" app-version (app-build-number). Please correct the following issues, then upload again.

ITMS-90683: Missing Purpose String in Info.plist - Your app‘s code references one or more APIs that access sensitive user data. The app‘s Info.plist file should contain a NSPhotoLibraryUsageDescription key with a user-facing purpose string explaining clearly and completely why your app needs the data. If you're using external libraries or SDKs, they may reference APIs that require a purpose string. While your app might not use these APIs, a purpose string is still required. For details, visit: https://developer.apple.com/documentation/uikit/protecting_the_user_s_privacy/requesting_access_to_protected_resources

Best regards,

The App Store Team

I suggest updating the README with some note about production builds as I don't think that there is a way to avoid this issue without removing functionality from the plugin (but I'm not an iOS dev so I might be wrong).