Yeah; this all reeks of an IP routing configuration error on the local network.
What happens outside the ISP router (or the ISP bridge, if you want to install your own router) with DHCP and DNS and such typically isn’t central to these discussions. That either works or it doesn’t, and it’s the ISP’s problem to fix. Things get more interesting from the ISP router and its configuration and capabilities inward, or from the ISP bridge and your firewall / gateway / router / NAT box inward if so equipped and configured.
One potential cause here is the firmware of that router, and whether that can truly manage clients connected to both Wi-Fi and wired. If the Wi-Fi and wired networks are bridged at the router, that usually works. If not bridged (if routed), then the two network segments need to be in separate subnets to avoid getting routing tangled, or the clients cannot be connected to both.
Wi-Fi networks using routers with the same SSID are usually bridged, though each with a unique SSID usually gets its own subnet or potentially its own DMZ in these cases.
Here, use traceroute or ping from the malfunctioning client to the DNS server (to whichever of the various DNS servers is in use here) and then again traceroute or ping from that same DNS server to the client. TCP streams, and UDP requests and responses, sent to a server don’t necessarily use the same path to return packets from the server. They’ll use the least-cost route, which may not be the same physical path in each direction depending on costs and static routes and subnetting.
More generally, I’d be inclined to review and potentially to overhaul the whole network implementation, and probably to migrate from Wi-Fi routers to access points or mesh for the coverage, and either a DMZ or VLAN for the guest network.
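
An added example, not part of the original post: a small Python model of the routed (not bridged) case described above, showing how a client on both wired and Wi-Fi in the same subnet gets its replies sent out the wrong router port, and how separate subnets avoid it. The interface names, port names, addresses and metrics are constructed, and the route selection (longest prefix, then lowest metric) is a simplifying assumption about the router.

```python
import ipaddress
from itertools import combinations

def overlapping_segments(interfaces):
    """Pairs of client interfaces whose configured subnets overlap."""
    nets = {n: ipaddress.ip_interface(c).network for n, c in interfaces.items()}
    return [(a, b) for a, b in combinations(sorted(nets), 2)
            if nets[a].overlaps(nets[b])]

def pick_route(routes, destination):
    """Longest-prefix match; lowest metric breaks ties. Returns the port name."""
    dest = ipaddress.ip_address(destination)
    matches = [(ipaddress.ip_network(prefix), metric, port)
               for prefix, port, metric in routes
               if dest in ipaddress.ip_network(prefix)]
    if not matches:
        return None  # no route at all: the reply is dropped
    _net, _metric, port = max(matches, key=lambda m: (m[0].prefixlen, -m[1]))
    return port

def misdelivered_replies(interfaces, attached_to, router_routes):
    """Client addresses whose replies the router sends out the wrong port."""
    bad = []
    for name, cidr in sorted(interfaces.items()):
        addr = str(ipaddress.ip_interface(cidr).ip)
        port = pick_route(router_routes, addr)
        if port != attached_to[name]:
            bad.append((name, addr, port))
    return bad

# Constructed sample data: which router port each client interface plugs into.
ATTACHED = {"eth0": "lan", "wlan0": "wlan"}

# Routed segments sharing one subnet: the router has two routes for the same prefix.
TANGLED_CLIENT = {"eth0": "192.168.1.20/24", "wlan0": "192.168.1.87/24"}
TANGLED_ROUTER = [("192.168.1.0/24", "lan", 10), ("192.168.1.0/24", "wlan", 20)]

# Routed segments in separate subnets: each prefix maps to exactly one port.
FIXED_CLIENT = {"eth0": "192.168.1.20/24", "wlan0": "192.168.2.87/24"}
FIXED_ROUTER = [("192.168.1.0/24", "lan", 10), ("192.168.2.0/24", "wlan", 10)]

if __name__ == "__main__":
    for label, client, router in (("same subnet", TANGLED_CLIENT, TANGLED_ROUTER),
                                  ("separate subnets", FIXED_CLIENT, FIXED_ROUTER)):
        print(label, overlapping_segments(client),
              misdelivered_replies(client, ATTACHED, router))
```

In the same-subnet case the reply to the Wi-Fi address leaves by the wired port, which is the kind of one-way failure that a traceroute or ping in each direction exposes.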