This feature would depend on the implementation of client-specific filtering in pihole 5.0. I have laid out a brief concept below but I am no expert so, if this is possible, there is likely a better way to do it.

Desired functionality

I would like trusted network users who do not have admin access (nor the sophistication for it) to be able to add to their device's whitelist.

Concept

If a user has been given vpn access to my home network, then they are trusted. If the user is connected to the vpn and a site is blocked, he/she must either contact me and wait until i am available to whitelist or disconnect from the vpn. While connected to the vpn, the user could simply send an email to xx@xx.com with the url and their client name. The pihole would match, e.g., the mac or ip address of the sending device to the client name then add the url to the associated whitelist.

Hypothetical

For instance, if my little brother is insta-facing he is at work while I am at work working, I would like for him to be able to unblock sites without my intervention.

Since they are trusted, why not give them the Pi-Hole password or remove the password entirely? Then they can whitelist as desired.

You're absolutely right. Time for the kid to learn.

"Give a man a fish and you feed him for a day. Teach a man to fish and you feed him for a lifetime."