Could your html structure cause the exploit to randomly work/not work? I see a lot of "non standard" html, maybe this could be an issue? For example; why use onclick handlers on div's to open the .html files of the exploit instead of just pointing to them with the standard a tag, that's default...