Saying recent here isn't logical, because after patching the incident, it's not an incident anymore. But I guess you mean how secure you are with a recent version of Wordpress. I think this is though question, because Wordpress relies to a high degree on external components and plugins. There is probably no single pure Wordpress Blog, because the original Wordpress archive already relies heavily on external dependencies. That's where many of the issues were found as correctly pointed out by wyck. However this reliance on external code, without a Wordpress team or at least a software that is evaluating the code-quality or any other metric, you can't be secure. Yeah we can argue with: "But Wordpress is n-times more popular than X." However it still makes WP very vulnerable to attacks. I've cleaned and recovered some hacked commercial wp blogs and shops myself (not installed by me, but the previous dev). So whatever you believe in WP may be, just get over it. There are so many other opensource alternatives that wait for you to be tried out.