The best CMS have been under development for years
And how easy do you think it is to find out patched versions with detailed exploits on them?
Then how easy do you think it is to find all those outdated versions and as I have detailed attack vectors cause menace if I'm bored or depending on the vector cause significant problems to competitors or screw sites up for paying clients?
Granted I don't as I have ethics but you are talking a 5 min job.
Creating your own not only takes you off the radar, but as there are no detailed exploits most hackers 1 wont find your site, and 2 even if they did would have to spend a huge amount of time looking for weaknesses, if you write your own code and track your data correctly then you are sure your security is up to scratch. But by the severer volume of unpatched sites out their, bare in mind in 1 search I can gets millions of sites db passwords on their own, then they will more than likely just move on to easier targets.
If you also want pure customization, build 1 your self, as 1 I have done recently and just finishing it off now I wouldn't think you could find 1 that could be that customizesable.
Bare in mind web security degrees are 3 years on their own, and according to PCPro most web devs aren't taught nearly enough security coding for even basic basic protection at university.
I've got 6 security books alone 2 or 3 are over 800-1000 pages and do they rarely cover the same topic in the same way.
If the site is small and you stay updated on patches etc....then yeah go for it, want 1 that's protected or the site is big then build it your self, but learn what you are doing before hand from a security point of view at least.