If I understand the earlier discussion correctly, the PoC exploit doesn't automatically determine the offsets, but other code exists to do that. All you that needs to be done is combine the two - PaXTeam and Spender just havn't done so (perhaps deliberately). In which case, the attack can work perfectly well at scale.
As per your comment earlier, it's still not a massive problem for many specific entities, even if it's still a significant problem for the general internet eco-system (giving bad people control of things to use as staging posts for further bad stuff, etc.).