This is generic mechanism that is utilised across multiple areas. It can be used in back office forms, or even by some front office features (modules).
Even in back office use, it's always good idea to be cautious. Shop owner could copy and paste some html code, a code that could contain javascript or css. This javascript would make it to shop front office, and that's quite severe security issue. Even if the js is not an attack, it can easily break your pages by throwing javascript errors, and thus preventing your own javascript code to work properly. Similarly, any css inline code can very easily make your pages unusable.
While WYSIWYG editors are useful, the backend php should never trust the input. Sanitization of input can help you very much.
If you need to enter special html markup into your 'texts', then it's a very good indication that you are doing something wrong. You should modify your theme templates instead, and keep your content clean - just text with some basic formatting options.