WordPress is only as secure as you make it. Open registrations should not be a problem if you:
- Use CAPTCHA for registrations.
- Use double opt-in: have users verify their email after they register. By default, registered users must be subscribers and after they are verified, you can set them as authors.
WordPress users cannot by default hack/destabilize the installation. Your main concern would be external hackers. Use all the hardening that you can and be wary of upgrading WP.
There are many websites that trust WP for such a setup. I think http://net.tutsplus.com/ also uses WP – very effectively too. 🙂