It is an important hardening feature, but the browser isn’t completely insecure without it assuming it is up-to-date and that you aren’t on the receiving end of targeted/zero-day attacks. Furthermore (in Chromium) with isolated renderer processes there is still some inherent attack surface of the main process that can allow a single exploit, just like in Firefox.
No content blocker = no security. (Not quite no, but it’s very critical.)