It depends, I think, on the complexity of the VPN.
SSH allows to do so many things, has so many config options. To the opposite, Wireguard is very simple, allows basically one thing (authenticate by a key, then pass packets), and is much harder to misconfigure.
(OpenVPN, on the other hand, does not have this advantage.)
If true, interesting that it all comes down to likelihood of misconfiguration. However, I can't see anything fundamental that a VPN adds either. I wonder, if there was an ssh that couldn't be configured incorrectly and also had a little "anti-hack" tech built in (e.g. disallow more than N connection attempts per minute, etc., what ever is normally done).
After authnz, SSH runs a shell (or other specified remote program), while Wireguard just sets up a network interface. I think it's really hard to make Wireguard run something remotely as you connect, AFAICT.
You can achieve a somehow similar result running by OpenSSH as `ssh -N -D`: do not run anything on the remote end, work as a socks5 proxy.
SSH allows to do so many things, has so many config options. To the opposite, Wireguard is very simple, allows basically one thing (authenticate by a key, then pass packets), and is much harder to misconfigure.
(OpenVPN, on the other hand, does not have this advantage.)