I forgot the option kses in the form arguments, which stops sanitising on every field, but I want it only for specific fields, so it’s not ideal.
I am abandoning adding scripts on the front-end now because it is unsafe and we already noticed the disadvantages of it.