guilhermegsl1
just joined
Topic Author
Posts: 6
Joined: Tue May 05, 2020 4:20 am

WireGuard Site to Site only allow communication when started by "server" side devices.

Mon Aug 01, 2022 1:27 am

I have successfully set up a WireGuard tunnel between two MikroTik devices, and site-to-site communication works as well. Everything works fine, but actually I would like to set it up in some way like this: site A ("server", LAN 192.168.200.0/24) devices can start communication and receive responses from devices on site B ("client", LAN 192.168.100.0/24), and the opposite is blocked, so site B can't start communication to site A. I don't know if it's possible using my current setup or if there is a better alternative for that; I'll be happy to know.
 
sindy
Forum Guru
Posts: 10206
Joined: Mon Dec 04, 2017 9:19 pm

Re: WireGuard Site to Site only allow communication when started by "server" side devices.

Mon Aug 01, 2022 8:27 am

This is a matter of firewall rules. Since we don't know the current configuration of your firewall, and since the individual firewall rules work in concert, you have to post the export of the configuration of both routers to get more useful advice (see my automatic signature below; hide-sensitive is the default behaviour in RouterOS 7, so don't use that modifier, it is not recognized).

From the security point of view, it is enough that the firewall at the "server" side drops incoming connections from the "client" side; from the point of view of traffic load on metered connections like LTE, it may make sense to drop them already at the "client" side router.

Other than that, the topic title looks more like a claim that there is a bug in the WireGuard behavior than like a description of the desired state. Also, what you want is unrelated to the particular type of VPN you use.
 
guilhermegsl1
just joined
Topic Author
Posts: 6
Joined: Tue May 05, 2020 4:20 am

Re: WireGuard Site to Site only allow communication when started by "server" side devices.

Mon Aug 01, 2022 3:09 pm

First of all, thanks for the reply.
I'll post the export of the config as soon as I can access the router.
Actually the behavior of WireGuard looks OK to me, but as I don't know how it should behave exactly in this case, I can't affirm whether it's OK.
When I add drop rules in the input and forward chains with in-interface: WireGuard, it actually drops the connections from site B to site A, but it also drops the replies from site B when I try to access it from site A. Looks like I'm doing something wrong, but I don't know what it is.
 
sindy
Forum Guru
Posts: 10206
Joined: Mon Dec 04, 2017 9:19 pm

Re: WireGuard Site to Site only allow communication when started by "server" side devices.  [SOLVED]

Mon Aug 01, 2022 4:31 pm

There is a concept called "stateful firewall", built around a connection tracking module that flags each packet with a connection-state attribute the firewall rules can match on. So the decision of what to allow and what not is made when handling the initial packet of each connection; if that one is accepted, all subsequent packets belonging to that "connection" are accepted as well, regardless of their direction.

The firewall rules in the default configuration of SOHO devices follow this concept; if you've got them installed, it should be easy to add several lines of configuration to get what you want. If you have no firewall rules at all, your routers and networks behind them can be in danger.
 
guilhermegsl1
just joined
Topic Author
Posts: 6
Joined: Tue May 05, 2020 4:20 am

Re: WireGuard Site to Site only allow communication when started by "server" side devices.

Mon Aug 01, 2022 4:41 pm

I have the accept rules for established and related and a drop rule for everything else at the end of the firewall for the forward and input chains, just like defconf. I tried to set up an accept for established and related for WireGuard input and a drop rule at the end for WireGuard too, but this setup was also allowing connections from site B to site A, which I don't want.
When I get home I will post the export.
Thanks again for the help ;)
 
guilhermegsl1
just joined
Topic Author
Posts: 6
Joined: Tue May 05, 2020 4:20 am

Re: WireGuard Site to Site only allow communication when started by "server" side devices.

Mon Aug 01, 2022 7:24 pm

Just figured it out now because of your reply. Actually I'm just a curious person with some RBs running, trying to make things work the correct way and understand why/how they work.
I added:
/ip firewall filter add action=accept chain=forward comment="WireGuard S2S management" connection-state=established,related in-interface=wireguard1
/ip firewall filter add action=drop chain=forward in-interface=wireguard1
Worked just as I wanted. Can access the subnet on site B, site B can reply, but it can't access the site A subnet.
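The following is an added example illustrating the stateful-firewall idea from sindy's reply and the rules the topic author ended up with; it is not the poster's export and not a MikroTik default configuration. It assumes the WireGuard interface is called wireguard1 on both routers and uses the two LAN subnets given in the thread; it extends the thread's forward-chain rules with the same policy for the input chain (traffic aimed at the site A router itself) and with an optional mirror rule on the site B router, as sindy suggested for metered uplinks.

```routeros
# ---- Site A router ("server", LAN 192.168.200.0/24) ----
# RouterOS evaluates filter rules top to bottom and "add" appends at the end,
# so check the order with "/ip firewall filter print" afterwards: the accept
# for tracked connections must come before the drop, and both must come before
# any default rule that would already drop untrusted traffic.
/ip firewall filter
add chain=forward action=accept connection-state=established,related \
    in-interface=wireguard1 \
    comment="WireGuard S2S: replies to connections opened from site A"
add chain=forward action=drop in-interface=wireguard1 \
    comment="WireGuard S2S: site B may not open connections into site A"
# Same policy for the router itself (WinBox/SSH over the tunnel): site A hosts
# may reach the site B router, but nothing from the tunnel may initiate to site A's.
add chain=input action=accept connection-state=established,related \
    in-interface=wireguard1 comment="WireGuard S2S: tracked replies to router"
add chain=input action=drop in-interface=wireguard1 \
    comment="WireGuard S2S: no new connections to router from tunnel"

# ---- Site B router ("client", LAN 192.168.100.0/24), optional ----
# Stops site B hosts before their packets enter the tunnel, saving tunnel and
# uplink bandwidth. Only the first packet of a flow (connection-state=new) is
# matched, so replies to flows opened from site A still pass the usual
# established,related accept rule.
/ip firewall filter
add chain=forward action=drop connection-state=new \
    src-address=192.168.100.0/24 out-interface=wireguard1 \
    comment="WireGuard S2S: LAN may not open connections to site A"
```

Two things to keep in mind when verifying this: the drop rules see only the first packet of each flow, so `connection-state=new` counters on `/ip firewall filter print stats` are the place to confirm that attempts from site B are really being dropped; and the WireGuard handshake itself is UDP to the listening router's input chain on the configured listen port, so these rules do not prevent either side from bringing the tunnel up, they only govern what is allowed to cross it.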
