Thanks @tectonic. I was thinking the fact I'm using LAN ranges might be an issue, and it turns out it was. I switched the WireGuard interface to a 10.0.10.x subnet, added the firewall zone and forwarding rules, and I am now able to ping 10.0.0.15 and SSH into it. So it works!
However, problem #2: I am still losing WAN DNS on my smartphone. I can ping sites by IP address, but there is no name resolution when I enable the WireGuard connection on my smartphone... (and the WireGuard connection is only meant to route 10.0.x.x traffic).
Edit: solved by setting a public DNS server (e.g. Quad9) in the client configuration. Works fine for my needs. I hope this is not a security issue?
Thank you for your help and patience!
So the settings below work.
Client configuration:
[Interface]
Address = 10.0.10.250/32
DNS = 9.9.9.9
PrivateKey = xxxx

[Peer]
AllowedIPs = 10.0.0.0/16
Endpoint = <snip>
PersistentKeepalive = 25
PublicKey = xxxx
OpenWrt (server) configuration:
config interface 'wg0'
	option proto 'wireguard'
	option private_key 'xxxx'
	option listen_port '8192'
	list addresses '10.0.10.0/24'

config wireguard_wg0
	option public_key 'xxxx'
	option persistent_keepalive '25'
	list allowed_ips '10.0.10.250/32'
	option description 'Android Smartphone'
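
An added example, not part of the original post: a Python check that parses a wg-quick style client configuration like the one above and reports, for each `DNS` server, whether its address falls inside the peers' `AllowedIPs` (lookups routed through the tunnel) or outside them (lookups sent over the phone's underlying network). The sample text is constructed from the post's values, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample: the client configuration from the post, keys redacted.
SAMPLE_CLIENT_CONF = """\
[Interface]
Address = 10.0.10.250/32
DNS = 9.9.9.9
PrivateKey = xxxx
[Peer]
AllowedIPs = 10.0.0.0/16
Endpoint = <snip>
PersistentKeepalive = 25
PublicKey = xxxx
"""


def parse_wg_conf(text):
    """Return a list of (section, {key: [values]}); several [Peer] blocks are kept."""
    sections = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and padding
        if line.startswith("[") and line.endswith("]"):
            sections.append((line[1:-1].lower(), {}))
        elif "=" in line and sections:
            key, value = line.split("=", 1)  # base64 keys may end in '='
            items = [v.strip() for v in value.split(",") if v.strip()]
            sections[-1][1].setdefault(key.strip().lower(), []).extend(items)
    return sections


def dns_routing(text):
    """Map each DNS server IP to True if some peer's AllowedIPs covers it."""
    sections = parse_wg_conf(text)
    allowed = [ipaddress.ip_network(cidr, strict=False)
               for name, kv in sections if name == "peer"
               for cidr in kv.get("allowedips", [])]
    servers = [entry for name, kv in sections if name == "interface"
               for entry in kv.get("dns", [])]
    result = {}
    for entry in servers:
        try:
            addr = ipaddress.ip_address(entry)
        except ValueError:
            continue  # wg-quick also accepts search domains on the DNS line
        result[entry] = any(addr.version == net.version and addr in net
                            for net in allowed)
    return result


if __name__ == "__main__":
    for server, in_tunnel in dns_routing(SAMPLE_CLIENT_CONF).items():
        print(server, "via tunnel" if in_tunnel else "outside tunnel")
```

For the configuration in the post it reports 9.9.9.9 as outside the tunnel, because 9.9.9.9 is not within 10.0.0.0/16.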