security problems- is it from the theme?

Hi. I ran a checker on my website http://www.BrainChampagne.com and I got these warnings (I sent the info to my web host ionos and they said it’s a problem with the theme- is this true and if so can it be fixed? I don’t understand a word of this stuff):

New vulnerabilities are continuously found for jQuery, lodash, Angular and other libraries.
Monitor these libraries to protect your web application.

Stay up to date on CVEs by connecting your project to Snyk to receive automated notifications & fixes.
❌ The following security headers are missing from the website:
HIGH SEVERITY
Strict Transport Security
A HSTS Policy informing the HTTP client how long to cache the HTTPS only policy and whether this applies to subdomains.

Strict Transport Security documentation
LOW SEVERITY
X Content Type Options
The only defined value, “nosniff”, prevents Internet Explorer from MIME-sniffing a response away from the declared content-type. This also applies to Google Chrome, when downloading extensions

X Content Type Options documentation
MEDIUM SEVERITY
X Frame Options
Clickjacking protection: deny – no rendering within a frame, sameorigin – no rendering if origin mismatch, allow-from – allow from specified location, allowall – non-standard, allow from any location

X Frame Options documentation
HIGH SEVERITY
Content Security Policy
A computer security standard introduced to prevent cross-site scripting (XSS), clickjacking and other code injection attacks resulting from execution of malicious content in the trusted web page context

Content Security Policy documentation
LOW SEVERITY
X XSS Protection
A Cross-site scripting filter

X XSS Protection documentation