Correct me if I'm wrong, but it seems to me that any version of perl prior to 5.30.3 is insecure (in that it would have unpatched CVE's).

Yes and no. If you are installing it yourself from source, then yes. OTOH, I expect that most users will install from their distro's packages and these do get backported fixes while the distro itself is still supported. Thus you will see updates for example for the Perl v5.16.3 which shipped with CentOS 7 still being provided. So long as your distro is still shipping updates you can consider your old Perl to be safely usable.

I can't remember the last time I moved perl up and had a single compatibility issue even with my products using hundreds and hundreds of CPAN modules.

The 2 recent(ish) big breaks for me were the removal in 5.18 of '.' from @INC and the breakage in 5.14 of for my $i qw/foo bar/ { print "$i\n"; }. The former was well advertised, had a good rationale and an easy workaround if required. The latter less so.