
Hanqing-Sun

#25091 of 53,630
9.8 Total CVSS
Vulnerabilities · 1
PT-2023-10823
9.8
2023-03-21
Unknown · Wechat Sdk · CVE-2018-25082
**Name of the Vulnerable Software and Affected Versions**

zwczou WeChat SDK Python versions 0.3.0 through 0.5.4

**Description**

A critical issue affects the `validate/to_xml` function, leading to an XML external entity (XXE) reference. The attack may be initiated remotely.

**Recommendations**

To address this issue, upgrade to version 0.5.5. As a temporary workaround, consider disabling the `validate/to_xml` function until the patch is applied. Restrict access to the affected component to minimize the risk of exploitation.