I would just add that I don't think Moodle is more or less secure than any other complex (an important word here) web application. Sure there have been documented issues and they are well documented as is how the resolution of same was handled. I think they were (on the whole) handled professionally... but I am biased of course.
In the majority of cases these were nothing that could not have been averted by a well run Moodle site on a well run server. This requires a good system administrator and reasonably good knowledge of Moodle. I can't tell you if you have these skills or are willing to acquire them.
Moodle has added various tools to "save you from yourself" in more recent versions (e.g. the security overview report) but a determined clueless person can still leave the door open to hackers if they are determined. No different to anything else. This is the price you pay for letting absolutely anybody have the software.
Comparisons and advocacy
I need to defend moodle.
This discussion has been locked so you can no longer reply to it.