WordPress emulates magic_quotes_gpc and won’t be deprecating this for some time due to concerns over plugin security and backward compatibility.
To work around this, you need to use stripslashes() or, if you need to strip slashes when data arrives via $_POST, $_GET, $_COOKIE, and $_REQUEST arrays, you can use the WordPress stripslashes_deep() function: http://codex.wordpress.org/Function_Reference/stripslashes_deep