The issue is with a global WordPress variable array called $allowedposttags, which is a big array of allowed tags and sub-arrays which list the allowed attributes.
You can modify it directly in your theme or write up a plugin, or you can just use these two that are already made:
The Script tag limits attributes down to just “type”, so no “src” can be added, which would allow scripts to be loaded from remote sites.
Even then, adding the Scripts tag means that you are trusting your userbase to not be horrible and evil, as you are now allowing them to embed code in content.
Same goes for Video tags.
Another Annoying WordPress thing: no onClick
Another of WordPress’s annoying features is the fact that by default a div tag can’t have the onclick attribute.
Here is another quick plugin to solve that:
ASD wp_kses onClick