WordPress always adds magic quotes regardless of server settings. This ensures consistency regardless of the environment. Even though magic quotes has been removed or deprecated from PHP, WordPress keeps this behaviour for backwards compatibility with older versions of PHP and plugins that were written with older versions of PHP in mind.
If you want to remove slashes you can use stripslashes() or stripslashesdeep():
$_POST = stripslashes_deep( $_POST );
Keep in mind that because of this behaviour parts of WordPress expect slashed data. See this quote from an announcement regarding the REST API:
We are regarding inconsistently-slashed data as a major bug, and are
changing the API infrastructure to ensure unslashed data. This will
ensure that data is consistent regardless of the source. Callbacks
will now receive unslashed data only, and can rely on this regardless
of the original data source or request method.If you are using functions that expect slashed data in your callback,
you will need to slash your data before passing into these functions.
Commonly used functions that expect slashed data arewp_insert_post,
wp_update_post,update_post_meta,wp_insert_term,wp_insert_user,
along with others. Before passing data into these functions, you must
callwp_slash()on your data.
While that’s regarding the REST API, if you change the behaviour of the slashing in your own code, you could run into the same issues.