Do I need to escape number in this shortcode function?

Yes, never trust user’s input.

Just because you told people to provide a valid number for a specific shortcode parameter, it doesn’t guarantee that the input will always be a valid number, so always secure user’s input — and output.

You should also, if you haven’t already done so, read these articles:

And for example in your case, for accepting absolute integers only:

<?php
$cols = absint( $atts['num'] );
// Validate and set default value.
$cols = $cols ? $cols : 3;

Related Posts:

  1. Shortcode empty attribute
  2. Using wp_editor in shortcode
  3. Why are you using add_action for shortcode?
  4. How to get URL param to shortcode?
  5. Making a Shortcode [NEXT] and [PREVIOUS] to place into specific posts for post navigation
  6. Native “playlist” shortcode random playing… How?
  7. How to display the names of users from a specific group with a shortcode?
  8. shortcode for logo image
  9. Stop strip_shortcodes() stripping content inside shortcodes
  10. Using audio shortcode for .mp3 URLs with a query string
  11. Get multiple shortcode attribute values
  12. How do i link gallery thumbnails to different url’s using the wp native gallery?
  13. How to display some selected user meta data on a specific page with a shortcode?
  14. Gallery shortcode menu order fix no longer working on WordPress 4.0
  15. How to save a shortcode in a Gutenberg custom block?
  16. Is shortcode_unautop() broken?
  17. has_shortcode for content added after the content
  18. Shortcode displays only default attribute values
  19. Can a shortcode function this way
  20. Dynamically create shortcodes using add_shortcode and a callback
  21. Creating a Slider Shortcode Based on Nivo Slider
  22. Passing attributes to shortcode dynamically
  23. Stop parsing shortcodes
  24. Meta tags in shortcode
  25. Why isn’t this youtube shortcode working?
  26. Gist shortcode is not working
  27. How to set Contact Form 7 fields default value using shortcode attribute? [closed]
  28. Display post metadata: “title, category, author, date” with shortcode
  29. shortcode javascript not working on custom template file inside theme folder
  30. shortcode get thumbnail size
  31. Shortcodes Keep Wrapping in
  32. Check if post has gallery images/media
  33. Stop auto formatting in shortcodes
  34. Get URL Param Plugin and Inserting Result in Widget Code
  35. Problem with using custom shortcode with ACF WYSIWYG field
  36. Add shortcode support to custom field
  37. Preserve shortcode content formatting
  38. Shortcode help: If no image entered take default
  39. How can I escape a section of my page which contains multiple shortcodes?
  40. Populate shortcodes with table data and get next row
  41. Running shortcode with variable that is modified
  42. Reloading a Mediaelement audio player
  43. Shortcode is not processed when added to option field using wp_editor
  44. How to apply an ID to Shortcode Embedded iframe
  45. Adding Shortcode Values to wp_head
  46. How to change the output of gallery shortcode
  47. Shortcodes: closing shortcode not being processed
  48. Retrieving post excerpt as a shortcode
  49. Insert PHP code via shortcode?
  50. Trying to call dynamic content as a shortcode attribute
  51. What is the correct syntax to append a URL using a shortcode for an iframe?
  52. Shortcodes in RSS excerpts
  53. How to trace shortcode to its functionality
  54. If else with shortcodes
  55. Using shortcodes to communicate my page design
  56. enqueue script with get_shortcode_regex
  57. WordPress User ID as Shortcode
  58. Add div on EMED Tag
  59. Clean way of using ob_start() and ob_end_clean() in wordpress
  60. Theme Convert PHP code to shortcode
  61. find shortcode inside content of post
  62. WordPress Short code for List style
  63. Processing a login/register form before shortcodes are rendered?
  64. Adding a cover image to video shortcode
  65. Insert First Image into post (full-width)
  66. How can i strip shortcode from HTML title tag?
  67. Show content if user left comment / non-logged visitors?
  68. How to insert current user ID/entry ID into a shortcode?
  69. Need help with creating a simple shortcode
  70. How to display html element and php string in the same line?
  71. Using a WP shortcode in Homepage
  72. i want to show a modal when user lands on home page very first time
  73. Gutenberg running code only available in front end within shortcode
  74. Insert HTML in content property and render it using shortcodes
  75. create shortcode that changes url endpoint
  76. Logout user if click on a custom page link
  77. Shortcode Attribute not defined
  78. Attributes are not passed on nested shortcode
  79. Second attribute of shortcode is not changing why?
  80. Removing text + shortcode from all posts
  81. Is Post-Author-Id shortocde
  82. Load next post by ID on a single page
  83. Plugin Shortcode value in post
  84. Add catagory attribute to custom shortcode
  85. Access the resized images generated by `add_image_size()`
  86. Class variables in shortcodes
  87. Separating Custom Template logic
  88. Defining the output of a WordPress Att
  89. Remove width and height attributes from [gallery] output
  90. Custom WP theme not showing shortcodes
  91. Shortcode for sectors
  92. How to not show shortcode contents if cart is empty?
  93. woocommerce Product shortcode create [closed]
  94. Help with Shortcode Functionality
  95. Shortcode Site include in a other
  96. Shortcode with foreach
  97. How do write this type shortcode? [closed]
  98. WordPress functions.php shortcode is not working [closed]
  99. My first WordPress shortcode just returning []
  100. 3 shortcodes 2 won’t render [closed]