According to https://patchstack.com/database/wordpress/plugin/http-headers/vulnerability/wordpress-http-headers-plugin-1-19-2-authenticated-administrator-stored-cross-site-scripting-vulnerability and https://www.cve.org/CVERecord?id=CVE-2026-1379 there is a security issue with the plugin.
According to https://patchstack.com/database/wordpress/plugin/http-headers/vulnerability/wordpress-http-headers-plugin-1-19-2-authenticated-administrator-stored-cross-site-scripting-vulnerability and https://www.cve.org/CVERecord?id=CVE-2026-1379 there is a security issue with the plugin.