Basically people who can edit Widget: pages. These pages contain raw HTML and may possess security risks if handled incorrectly, thus the need for authorization to edit such pages.