As far as I can see, the Data Validation documentation on WordPress Codex does not mention whether the delete() method SQL-escapes input or if I need to do this myself. As I am developing a very important WordPress plugin, I wanted to be absolutely sure WordPress SQL-escapes 'WHERE [...]' input for me. For others looking for the same answer, yes it does - as far as WordPress version 4.2.1 is concerned (the most recent version at the time of writing). You can find out for yourself by searching in the wp-includes/wp-db.php file. The entire delete() method as seen in 4.2.1:

PHP Code:
public function delete$table$where$where_format null ) {
    if ( ! 
is_array$where ) ) {

$where $this->process_fields$table$where$where_format );
    if ( 
false === $where ) {

$conditions $values = array();
    foreach ( 
$where as $field => $value ) {
$conditions[] = "`$field` = " $value['format'];
$values[] = $value['value'];

$conditions implode' AND '$conditions );

$sql "DELETE FROM `$table` WHERE $conditions";

$this->check_current_query false;
$this->query$this->prepare$sql$values ) );

As you can see at the bottom, the prepare() method is used which SQL-escapes input for inclusion in the query. See:

Hope this helps.