I developed a lightweight yet effective WordPress plugin that automatically adds essential HTTP security headers to a site. These headers mitigate common web vulnerabilities, including clickjacking, content injection, and browser-level attacks. The plugin is designed to work seamlessly upon activation and requires no user configuration, providing an unobtrusive security enhancement for WordPress installations. This contribution promotes safer web practices while remaining simple and accessible for all users.