XML External Entity (XXE) is a vulnerability impacting apps processing XML documents.
The vulnerability triggers when the XML input contains a reference to a malicious external entity because of a weakly configured XML parser. It may lead to data disclosure, denial of service, etc.
The OWASP 2017 Top Ten classifies this vulnerability as A4.
This protection is available to all PHP applications.